A recent exposé has accused China of inserting micropchips into computer servers, granting unparalleled backdoor access to data from rival nations. As many as 30 American companies were supposedly affected in the breach, including Amazon and Apple.
Bloomberg recently held extensive interviews with 17 anonymous government sources, revealing that US officials has been conducting a top-secret investigation into strange microchips found within numerous American servers. “Not much bigger than a grain of rice,” almost 30 companies were supposedly caught in the attack including consumer services, government contractors and even a major bank.
According to the report, Amazon was among the first to discover the microchips upon acquiring Elemental. In addition, three Apple seniors confirmed that the iPhone maker also found the foreign chips in 2015, subsequently cutting ties with Supermicro the following year for supposedly “unrelated reasons.”
The compromised hardware was supplied by California-based Super Micro Computer, a company described as “the Microsoft of the hardware world” by a former U.S. intelligence official. “Supermicro sells more server motherboards than almost anyone else,” explains the publication, however most of these products are exclusively manufactured in China.
While that might sound like it’s all neatly wrapped in a bow, the ability to pass global logistics is nearly an impossibility. ““Having a well-done, nation-state-level hardware implant surface would be like witnessing a unicorn jumping over a rainbow,” says Joe Grand, a hardware hacker and the founder of Grand Idea Studio Inc.
Amazon didn’t deny the existence of these chips, although it did state that the company had no knowledge of compromised supply chains. “It’s untrue that AWSknew about a supply chain compromise, an issue with malicious chips, or hardware modifications,” explains an Amazon representative.
“On this we can be very clear: Apple has never found malicious chips, ‘hardware manipulations’ or vulnerabilities purposely planted in any server,” states Apple while Super Micro claims it is unaware of any investigations.
“China is a resolute defender of cybersecurity,” said a Chinese spokesperson in defence against the allegations. “We hope parties make less gratuitous accusations and suspicions but conduct more constructive talk and collaboration so that we can work together in building a peaceful, safe, open, cooperative and orderly cyberspace.”
The US has a zero-tolerance policy when it comes to its national security concerns, proven time and time again with the banning of Chinese manufacturers ZTE and Huawei – even if the latter strongly claims it is an ‘international company’. If these accusations are proven to be true, however, it is much more of a global problem than strictly a US one.
KitGuru Says: It’s easy to brush this off as something that belongs in movies, but the security implications are too important to ignore – particularly given that China is a tech hub for outsourcing and distribution. Until action is taken, which it will if proven to be true, it’s recommended that this story is taken with a pinch of salt.