How China secretly hacked into servers of U.S. companies
A shocking new report by Bloomberg has revealed that China used a tiny chip to hack into servers of over 30 U.S. companies.
Source: Sheetal Sukhija
The report in Bloomberg Businessweek has alleged that a Chinese military unit infiltrated the technical supply chain of major U.S. companies by planting a microchip, smaller than a rice grain, on their servers manufactured abroad.
This chip, the report stated, could alter the core of operating systems, modify servers and also contact computers controlled by the attackers in search of further instructions and code.
The report quoted U.S. national security officials as saying that these microchips were planted by a unit of the Chinese People's Liberation Army to gain access to the supply chain of a firm called Super Micro.
The firm being targeted is reportedly known as the "Microsoft of the hardware world."
According to the report, the tiny chips were "built to look like signal conditioning couplers, and they incorporated memory, networking capability, and sufficient processing power for an attack."
It further pointed out that the compromised motherboards in servers assembled by Supermicro then infiltrated data centres operated by several companies, which reportedly included even Amazon and Apple.
The report said that the advanced capabilities of the chips used essentially gave the Chinese a free pass into the networks of these companies.
According to the report, the hack first came to light in 2015.
It emerged when the Jeff Bezos-led Amazon was considering an acquisition of Elemental Technologies and conducted due diligence on the company.
In its expose, the Bloomberg report said, “Elemental’s servers could be found in Department of Defense data centers, the CIA’s drone operations, and the onboard networks of Navy warships. And Elemental was just one of hundreds of Supermicro customers.”
The report also stated that Apple too discovered suspicious chips in its servers in 2015.
However, both Apple and Amazon were quick to deny the report.
Apple argued that it has never found malicious chips, "hardware manipulations" or vulnerabilities purposely planted in any server.
In a statement, Apple said, "The October 8, 2018 issue of Bloomberg Businessweek incorrectly reports that Apple found 'malicious chips' in servers on its network in 2015. As Apple has repeatedly explained to Bloomberg reporters and editors over the past 12 months, there is no truth to these claims."
The iPhone maker added in its statement, "Over the course of the past year, Bloomberg has contacted us multiple times with claims, sometimes vague and sometimes elaborate, of an alleged security incident at Apple. Each time, we have conducted rigorous internal investigations based on their inquiries and each time we have found absolutely no evidence to support any of them."
It added, "Apple never had any contact with the Federal Bureau of Investigation (FBI) or any other agency about such an incident. We are not aware of any investigation by the FBI, nor are our contacts in law enforcement."
Apple further argued that its digital assistant Siri and social search and analytics company Topsy never shared servers. The California-based company said, "Siri has never been deployed on servers sold to us by Super Micro; and Topsy data was limited to approximately 2,000 Super Micro servers, not 7,000. None of those servers have ever been found to hold malicious chips."
In its statement, Apple added that its best guess is that "they are confusing their story with a previously-reported 2016 incident in which we discovered an infected driver on a single Super Micro server in one of our labs."
Meanwhile, Steve Schmidt, Chief Information Security Officer at Amazon's cloud arm, Amazon Web Services (AWS), said, "There are so many inaccuracies in this article as it relates to Amazon that they are hard to count."
He said in a statement, "Amazon employs stringent security standards across our supply chain - investigating all hardware and software prior to going into production and performing regular security audits internally and with our supply chain partners. We further strengthen our security posture by implementing our own hardware designs for critical components such as processors, servers, storage systems, and networking equipment."
Meanwhile, commenting on the denials by both Apple and Amazon, the Bloomberg report said, “The companies’ denials are countered by six current and former senior national security officials, who—in conversations that began during the Obama administration and continued under the Trump administration—detailed the discovery of the chips and the government’s investigation.”
It continued, "One of those officials and two people inside AWS provided extensive information on how the attack played out at Elemental and Amazon; the official and one of the insiders also described Amazon’s cooperation with the government investigation. In addition to the three Apple insiders, four of the six U.S. officials confirmed that Apple was a victim."
The report pointed out, "In all, 17 people confirmed the manipulation of Supermicro’s hardware and other elements of the attacks. The sources were granted anonymity because of the sensitive, and in some cases classified, nature of the information."
Even Super Micro has rejected Bloomberg's claims and said that it was "not aware" of any government investigation into the issue.
It argued that no customer had stopped using its products because of fears about Chinese hackers.
The Bloomberg report also pointed out that China was well placed to carry out this kind of attack since 90 percent of the world's PCs are made in the country.
However, China's Ministry of Foreign Affairs called the story a "gratuitous accusation."
It said that the safety of supply chains was an "issue of common concern."