05 Oct 2018

A significant supply chain attack has been reported, one considered to be among the largest corporate infiltration and hardware hacking programs by a nation-state.

According to Bloomberg, a tiny surveillance chip, just the size of a grain of rice, has been found hidden in the servers used by nearly 30 American companies, including Apple and Amazon.

The server motherboards, originally designed by the U.S.-based company Super Micro, had these malicious chips inserted during the manufacturing process in China.

After three long years of top-secret investigation in the United States, the report has been completed, and it claims that Chinese government-affiliated groups managed to infiltrate the supply chain and install tiny surveillance chips on motherboards that were then used as servers by the U.S. military, U.S. intelligence agencies, and many U.S. companies like Apple and Amazon.

Apple discovered this chip inside Supermicro servers around May 2015, when it detected odd network activity and firmware problems.

Because the implants were small, the code they contained was also small. But they could do two very important things. One was to tell the device to communicate with one of several anonymous computers elsewhere on the internet that were loaded with more complex code; the second was to prepare the device’s operating system to accept this new code.

Inserting the chips was more difficult to pull off and potentially more devastating, promising the kind of long-term, stealth access that spy agencies are willing to invest millions of dollars and many years to get.

According to the report, “Depending on the board model, the chips varied slightly in size, suggesting that the attackers had supplied different factories with different batches.”

Apple, Amazon, and Super Micro Refute the Bloomberg Report

Apple told Bloomberg that it has not found any malicious chips, “hardware manipulations,” or vulnerabilities inserted in any of its servers, nor has it “had any contact with the FBI or any other agency about such an incident.”

Apple ended its relationship with Super Micro in 2016. Apple says that the Bloomberg reporters might be confusing the matter with a previously reported 2016 incident in which the company found an infected driver on a single Super Micro server in one of its labs.

Amazon also says it is not true that the company knew of “a supply chain compromise,” or “servers containing malicious chips or modifications in data centers based in China,” or that it “worked with the FBI to investigate or provide data about malicious hardware.”

In addition, Supermicro and the Chinese Ministry of Foreign Affairs have also strongly denied Bloomberg’s findings.
