Crime

Chinese spies reportedly hacked many U.S. companies and governmental agencies

Using a microchip, Chinese agents pulled off one of the most devastating supply-chain hacks ever discovered against the United States.

In an exposé published by Bloomberg, servers built by Super Micro Computer Inc. (Supermicro) were found to carry a microchip not part of the original design. These chips found on machines used by the United States’ Department of Defense, the CIA, Navy warships, and companies such as Amazon and Apple allowed for backdoor access to networks.

U.S. investigators report members of China’s People’s Liberation Army are responsible for the insertion of the chips. China, in particular, has much to gain from a manufacturing-level attack, as the country produces 75% of the world’s mobile phones and 90% of its personal computers.

Such an attack, while lucrative, is usually impossibly difficult to execute, requiring extensive knowledge of design, components, manufacturing, and transport.

“Having a well-done, nation-state-level hardware implant surface would be like witnessing a unicorn jumping over a rainbow”

– Joel Grand, Hacker and founder of Grand Idea Studio Inc.

Evidence of the attack was first uncovered as part of an acquisition process: In 2015, Amazon was looking to acquire the startup Elemental Technologies, which had contracts with the United States government and sold servers manufactured by Supermicro.

Though, Elemental is merely only one of Supermicro’s long list of clients, leaving room for the possibility of doctored machines reaching many markets in many corners of the globe. Investigators have since discovered the attack affected nearly 30 companies.

Amazon and Apple, when asked for comment, remained tight-lipped, denying knowledge of the attack, as well as any indication servers sold by Supermicro were microchipped.

“It’s untrue that AWS [Amazon Web Services] knew about a supply chain compromise, an issue with malicious chips, or hardware modifications when acquiring Elemental.”

– Amazon

“On this we can be very clear: Apple has never found malicious chips, ‘hardware manipulations’ or vulnerabilities purposely planted in any server.”

– Apple

Said denials, however, have been refuted by, as Bloomberg notes, “six current and former senior national security officials” who “detailed the discovery of the chips and the government’s investigation” to the companies affected by the attack.

Today, the fallout of the attack few have ever heard about is massive, with the American government levying recent trade sanctions against Chinese computer and networking hardware.

Bloomberg also reported White House Officials believe the repercussions of the attack will transcend governmental policy, with companies more liable to opt to manufacture their products outside of China.

Most Popular

To Top