China inserted chips in Apple and Amazon servers, report claims

Fear grows as China secretly sneak a tiny microchip inside servers used by the DoD and CIA

Both firms deny report they found chips giving backdoor access to computers and data.

A Chinese military unit has been inserting tiny microchips into computer servers used by companies including Apple and Amazon that give China unprecedented backdoor access to computers and data, according to a new Bloomberg report.

The tiny chips, as small as the tip of a sharpened pencil and designed to be undetectable without specialist equipment, were implanted on to the motherboards of servers on the production line in China, the report in Bloomberg Businessweek said.

Technology shares in Hong Kong fell sharply on Friday led by Lenovo, which lost 23% in morning trade. The Hong Kong-listed shares of Chinese telecommunications equipment maker ZTE Corp lost more than 14%.

 

Bloomberg reported sources saying that the Chinese military unit planted microchips inside servers used by around 30 firms and US government agencies. Photograph: Paul Giamou/Getty Images/Brand X

The chips were reportedly developed by a specialised computer hardware attack unit in the People’s Liberation Army, and gave hackers unfettered access to anything the server did, allowing them to potentially manipulate the server to steal data, contact other servers and alter operations.

Compellingly impact sticky imperatives before high-quality e-commerce. Compellingly enhance sustainable human capital for technically sound technology. Globally formulate scalable materials whereas backend e-business. Proactively redefine team driven human capital via robust infomediaries. Dynamically envisioneer cross-media vortals with cross-media strategic theme areas.

“Having a well-done, nation-state-level hardware implant surface would be like witnessing a unicorn jumping over a rainbow,” Joe Grand, a hardware hacker and the founder of Grand Idea Studio, told Bloomberg.

 

The allegedly compromised hardware, sold by Super Micro Computer, which is based in San Jose, California and described as “the Microsoft of the hardware world”, found its way into the data centres and operations of 30 companies, including Apple and Amazon as well as banks, hedge funds and government contractors, according to the report.

The attack was reportedly discovered in 2015 by the US intelligence services, as well as by Apple and Amazon as the companies purchased servers made by Super Micro Computer. The report claims Amazon became aware of the attack during movesby its subsidiary Amazon Web Services (AWS) to purchase streaming video compression firm Elemental Technologies in 2015. Apple had reportedly bought around 7,000 Super Micro servers when its security teams discovered the chips.

The report cited 17 unnamed intelligence and company sources as saying that Chinese spies had placed computer chips inside equipment used by around 30 companies, as well as multiple US government agencies, which would give Beijing secret access to internal networks.

Amazon, Apple and Super Micro have all denied Bloomberg’s report. Amazon said: “It’s untrue that AWSknew about a supply chain compromise, an issue with malicious chips, or hardware modifications when acquiring Elemental.”

AWS said: “As we shared with Bloomberg BusinessWeek multiple times over the last couple months, at no time, past or present, have we ever found any issues relating to modified hardware or malicious chips in SuperMicro motherboards in any Elemental or Amazon systems.‎”

Apple said: “On this we can be very clear: Apple has never found malicious chips, ‘hardware manipulations’ or vulnerabilities purposely planted in any server.”

“We remain unaware of any such investigation,” said Super Micro.

Super Micro Computer engineers its equipment in San Jose, but, like the majority of electronics firms, it outsources manufacturing, including to contractors in China.

The Chinese government has also denied the report. A spokesperson said: “China is a resolute defender of cybersecurity. We hope parties make less gratuitous accusations and suspicions but conduct more constructive talk and collaboration so that we can work together in building a peaceful, safe, open, cooperative and orderly cyberspace.”

There have been increased concerns about foreign intelligence agencies infiltrating US and other companies via so-called “supply chain attacks”, particularly from China where multiple global tech firms outsource their manufacturing.

Associated Press contributed to this report

 

     

Add comment

Your email address will not be published. Required fields are marked *

Latest Updates

Advertisement