This chip could to alter the core of operating systems, modify servers and also contact computers controlled by the attackers in search of further instructions and code.

China secretly hacked into servers of over 30 US companies with a tiny chip ReportImage for representation
Atom Data Theft Friday, October 05, 2018 - 12:22

In a massive revelation by a Bloomberg Businessweek report, a Chinese military unit has allegedly been infiltrating the technical supply chain of major US companies, including Apple and Amazon by planting a microchip, smaller than a rice grain, on their servers manufactured abroad.

According to the report, which quotes US national security officials, these microchips were planted by a unit of the Chinese People's Liberation Army to gain access to the supply chain of a firm called Super Micro, known as the "Microsoft of the hardware world".

How was it done?

These tiny chips were reportedly ‘built to look like signal conditioning couplers, and they incorporated memory, networking capability, and sufficient processing power for an attack’.

These compromised motherboards present in the servers assembled by Supermicro managed to infiltrate data centres operated by several companies, including Amazon and Apple.

This chip had the capability to alter the core of the operating system and modify the servers. Essentially, it gave the Chinese a free pass into the networks of these companies.

As per the report, the chip could also contact computers controlled by the attackers in search of further instructions and code.

This hack reportedly came to light in 2015 when Amazon was doing due diligence on Elemental Technologies, for potential acquisition.  

“Elemental’s servers could be found in Department of Defense data centers, the CIA’s drone operations, and the onboard networks of Navy warships. And Elemental was just one of hundreds of Supermicro customers,” the Bloomberg report states.

Apple and Amazon have strongly denied these reports.

According to the report, Apple discovered suspicious chips in its servers in 2015.The Cupertino-based iPhone maker replied it has never found malicious chips, "hardware manipulations" or vulnerabilities purposely planted in any server.

"The October 8, 2018 issue of Bloomberg Businessweek incorrectly reports that Apple found "malicious chips" in servers on its network in 2015. As Apple has repeatedly explained to Bloomberg reporters and editors over the past 12 months, there is no truth to these claims," Apple said in a statement.

"Over the course of the past year, Bloomberg has contacted us multiple times with claims, sometimes vague and sometimes elaborate, of an alleged security incident at Apple.

"Each time, we have conducted rigorous internal investigations based on their inquiries and each time we have found absolutely no evidence to support any of them," Apple said.

"Apple never had any contact with the Federal Bureau of Investigation (FBI) or any other agency about such an incident. We are not aware of any investigation by the FBI, nor are our contacts in law enforcement," the tech giant added.

According to Apple, its digital assistant Siri and social search and analytics company Topsy never shared servers.

"Siri has never been deployed on servers sold to us by Super Micro; and Topsy data was limited to approximately 2,000 Super Micro servers, not 7,000. None of those servers have ever been found to hold malicious chips," said Apple.

According to Apple, its best guess is that "they are confusing their story with a previously-reported 2016 incident in which we discovered an infected driver on a single Super Micro server in one of our labs".

According to Steve Schmidt, Chief Information Security Officer at Amazon Web Services (AWS) which is Amazon's Cloud arm, "there are so many inaccuracies in "this article as it relates to Amazon that they are hard to count".

"Amazon employs stringent security standards across our supply chain - investigating all hardware and software prior to going into production and performing regular security audits internally and with our supply chain partners," Schmidt said in a statement.

"We further strengthen our security posture by implementing our own hardware designs for critical components such as processors, servers, storage systems, and networking equipment," he added.

“The companies’ denials are countered by six current and former senior national security officials, who—in conversations that began during the Obama administration and continued under the Trump administration—detailed the discovery of the chips and the government’s investigation. One of those officials and two people inside AWS provided extensive information on how the attack played out at Elemental and Amazon; the official and one of the insiders also described Amazon’s cooperation with the government investigation. In addition to the three Apple insiders, four of the six U.S. officials confirmed that Apple was a victim. In all, 17 people confirmed the manipulation of Supermicro’s hardware and other elements of the attacks. The sources were granted anonymity because of the sensitive, and in some cases classified, nature of the information,” the Bloomberg report states.

With IANS inputs

Show us some love! Support our journalism by becoming a TNM Member - Click here.