Published: Fri, October 05, 2018
IT | By Darin Griffith

China inserted chips in Amazon and Apple hardware to spy

China inserted chips in Amazon and Apple hardware to spy

Bloomberg's sources claim that Apple removed about 7,000 Super Micro servers from its data centers in 2015 after discovering the malicious chips. "Apple has never found malicious chips, "hardware manipulations" or vulnerabilities purposely planted in any server", the company said. Elemental's video-compressing servers were assembled by Californian company Supermicro, which in turn built its motherboards in China.

Amazon and Apple both strongly rejected the findings, which Bloomberg said were based on conversations with 17 anonymous sources, including insiders at both tech giants.

The unnamed USA officials who informed Bloomberg's piece said the chips made it possible to modify the operating systems running on those servers, giving spies a way to remotely contact and commandeer those computers.

In unusually robust on the record statements, the two trillion dollar tech companies said they know nothing about Chinese spies planting rice grain-sized microchips in hardware that reached 30 major American companies.

Amazon reported the findings to U.S. authorities, the report stated, but the investigation is still open some three years later.

More news: Would It Make A Difference If The FBI Were To Investigate Kavanaugh?

Apple, Amazon, and Supermicro denied knowing about an investigation into the malicious chips, with Amazon also saying "it's untrue that [Amazon Web Services] knew about a supply chain compromise, an issue with malicious chips, or hardware modifications when acquiring Elemental". Not part of the motherboards' original design, the malicious chips are believed to have been implanted at factories run by Chinese manufacturing subcontractors and created to offer "long-term access to high-value corporate secrets and sensitive government networks".

The reported Chinese chip in motherboards was discovered in 2015.

The report has attracted strenuous denials from Amazon, Apple, and Super Micro.

Bloomberg reported that Amazon performed a "network-wide audit" after the company found the malicious chips in Super Micro hardware in its Beijing data center. In a statement to CNBC, Apple said it found a single infected driver on one Super Micro server in a lab, calling it a one-time event.

The extent of the data China collected from the surveillance chips was not clear from the report, and no consumer information was known to have been stolen, according to Bloomberg Businessweek.

More news: Facebook says up to 50 mn accounts breached in attack

Later, Amazon independently found the chip and also informed United States authorities.

Check out the full story and see the statements from the named companies here. Apple never had any contact with the Federal Bureau of Investigation or any other agency about such an incident.

China's Ministry of Foreign Affairs said the country is a "resolute defender of cybersecurity", and while "supply chain safety in cyberspace is an issue of common concern [.] China is also a victim".

For its part, Supermicro also said it was unaware of any investigation into its products and said it had not been contacted by "any government agency".

More news: USA terminates 1955 'Treaty of Amity' with Iran

Like this: