11 February 2019
Chinese spies have reportedly inserted a tiny microchip into the servers used by Apple, Amazon, and others. The report comes from Bloomberg Businessweek that cites current and former US intelligence sources. It’s discovered that a branch of China’s armed forces reportedly forcing Chinese manufacturers to insert the microchips into US-designed servers. Reportedly, this tiniest chip which isn’t bigger than a grain of rice can let in new code like a Trojan Horse which could mislead users. Such backdoors could allow the malicious means access to anything that appears on those servers where this grain-sized chip is installed. However, there isn’t any record yet that could tell there was any harm to users’ data.
While Apple and Amazon call this report on Chinese spy chips bullshit, the report from Bloomberg citing the sources claims that the two companies discovered the hack through their internal investigations and reported it to US authorities. The report further concluded that both the firms worked quietly to remove the compromised servers from their infrastructure.
Amazon strongly refuting the report said, it’s “untrue” that it knew of “servers containing malicious chips or modifications in data centers based in China,” or that it “worked with the FBI to investigate or provide data about malicious hardware.” Apple is equally bullish on this subject and has made a statement telling Bloomberg, “On this, we can be very clear: Apple has never found malicious chips, ‘hardware manipulations’ or vulnerabilities purposely planted in any server.”
The report, however, hasn’t been confirmed by on-the-record sources from the US intelligence community. The FBI and the Office of the Director of National Intelligence, representing the CIA and NSA have reportedly declined to comment for the story.
The reported attack which according to Apple and Amazon is untrue was carried out via the US-based company Super Microco Computer Inc, commonly known as Supermicro. It’s one of the world’s biggest suppliers of server motherboards. The company manufactures servers for hundreds of customers, including Elemental Technologies. Amazon began quietly evaluating this company to help with a major expansion of its streaming video service, known today as Amazon Prime Video.
Bloomberg says the Chinese military primarily targeted Elemental. Its “servers could be found in Department of Defense data centers, the CIA’s drone operations, and the onboard networks of Navy warships.” And, thousands more used by Apple and Amazon.
Parts of Bloomberg’s story have been previously reported where the publication has stated that Apple and Amazon had past relationships with Supermicro. In a statement to Bloomberg, Amazon admitted finding “vulnerabilities” in Supermicro’s products but said they were software, not hardware, related.
Bloomberg has defended its reporting stating,
“Seventeen individual sources, including government officials and insiders at the companies, confirmed the manipulation of hardware and other elements of the attacks,” Bloomberg said in a statement. “We stand by our story and are confident in our reporting and sources.
According to the publication, the US intelligence community’s investigation is still ongoing, three years after it was opened.
Following the report, shares of Super Micro plummeted more than 40 percent. Apple shares went down 1 percent in Thursday trading, while Amazon fell about 1.5 percent. Also, Lenovo shares plunged 15 percent due to fears that consumers and businesses could become reluctant to buy Chinese tech goods.