Published: Fri, October 05, 2018
IT | By Jonathon Greene

Super Micro motherboards used by Apple, Amazon contained Chinese spy chips

Super Micro motherboards used by Apple, Amazon contained Chinese spy chips

Bloomberg reported that the malicious chips were planted by a unit of the Chinese People's Liberation Army, which infiltrated the supply chain of a hardware company called Supermicro.

Three "senior insiders" claim that Apple found malicious chips on Supermicro motherboards, also in 2015, and severed its ties with the company the following year.

Elemental's servers were in U.S. Navy ships and Defense Department data centers, Businessweek interviews with U.S. officials reveal.

The company has denied the claims made in the extensive report by Bloomberg Businessweek, however, that hasn't stopped a share price onslaught.

"Over the course of the past year, Bloomberg has contacted us multiple times with claims, sometimes vague and sometimes elaborate, of an alleged security incident at Apple", the Apple statement reads.

According to the Thursday report, the chips were hidden on server motherboards being sold by the San Jose-based company Supermicro, during the manufacturing process in China. A third-party test of Elemental's Super Micro-assembled servers turned up those tiny, malicious chips, a discovery Amazon reportedly shared with USA authorities at the time.

Elemental's services, made possible through the manufacturing deal with Supermicro, appears to have been an ideal target for Chinese state-sponsored attackers to conduct covert surveillance.

Bloomberg also reported that Apple in 2015 found malicious chips in servers it purchased from the hardware maker, then stopped doing business with Super Micro in 2016 for reasons that were not related, citing three unnamed company insiders. The report said that dozens of companies may have used sabotaged servers in their data centers before the Chinese operation was detected. Almost all the critical parts of a server are made and assembled in China or Taiwan, and China's espionage operation has targeted the tech industry before, such as in 2010 when hackers believed to be working on behalf of the Chinese government infiltrated Google. Apple never had any contact with the Federal Bureau of Investigation or any other agency about such an incident. Bloomberg quoted "three senior insiders" as saying they had also discovered the tiny chips, which Bloomberg said were much smaller than a penny and were created to transmit information back to China about the data flowing across the servers. We know that security is an endless race and that's why we constantly fortify our systems against increasingly sophisticated hackers and cybercriminals who want to steal our data. Apple and AWS deny these moves involving Super Micro were related to chip worries.

Super Micro noted that it wasn't aware of "any investigation regarding this topic nor have we been contacted by any government agency in this regard".

"It's untrue that AWS knew about a supply chain compromise, an issue with malicious chips, or hardware modifications when acquiring Elemental", Amazon told Bloomberg.

Like this: