Biggest Tech Story of the Year or More Fake News?

Posts by: Carl Jack

At the beginning of October 2018, Bloomberg Businessweek published an article revealing that Chinese spies allegedly used a tiny surveillance chip to infiltrate America’s top 30 companies, such as Apple and Amazon. This report aroused great interest in the tech community, but its implications spread far more than the tech world and can influence the personal security of each of us.

motherboard and padlock

This is crazy:

Chinese spies planting secret micro-chips on the servers of huge American tech companies. Is this a James Bond movie? No! And according to 17 extensive interviews with corporate and government sources, this scenario is highly plausible.

Here’s what you need to know:

As reported by Bloomberg Businessweek, Chinese infiltrators stealthily implanted tiny chips, (about the size of a grain of rice), on machines made by Super Micro company, one of the world’s largest server manufacturers. The servers made by Super Micro were used by the Department of Defense, the Navy, the CIA’s drone operations, and hundreds of other organizations in the United States. These tiny chips allegedly spied on the servers’ operations, collecting high-value corporate secrets and sensitive government networks, and then reported this back to the Chinese military.

In many cases, companies outsourced the design of products to manufacturing partners in order to reduce costs. This means that companies had little idea of which components had been used. In such cases, planting a little spy chip could be relatively easy.

One of the interviewees in Bloomberg’s report is a former Apple product design engineer. She worked for years with Chinese companies that manufacture lines for dozens of Apple’s products. To her knowledge, it would be fairly easy for the Chinese military to sneak tiny spy chips into products, since there are usually numerous components on an average server main logic board, making it almost impossible to check each and every component.

How Did It All Come to Light?

The story started in 2015, Bloomberg’s sources tell, when Amazon were looking for ways to expand their Prime Video service. One company that was evaluated by Amazon is Elemental Technologies, whose machinery and servers were already utilized by several big companies. To complete the evaluation process, Amazon hired a third-party company that examined Elemental’s security.

Soon, some troubling issues were discovered:

Several Elemental servers were sent to Ontario, Canada for a closer inspection. There, the testers found a tiny micro-chip that was not included in the original motherboard design. These motherboards were supplied to Elemental by Super Micro company. This discovery sparked big worries, as Amazon, Apple, and other huge tech companies were already using these motherboards on their servers.

Sources state that investigators determined that the chip, which was inserted in Chinese subcontract factories, allowed remote attackers to infiltrate private networks in a more sophisticated method than software-based attacks.

A Song of Truth and Denial

The former Apple engineer interviewed by Bloomberg Businessweek told that in many cases, companies outsourced the design of products to manufacturing partners in order to reduce costs. This means that companies had little idea of which components had been used. In such cases, planting a little spy chip could be relatively easy.

She further mentioned a story from a company she had previously worked with, where one of the components was secretly replaced by the manufacturer with an unreliable one, causing the device’s batteries to start smoking.

These tiny chips allegedly spied on the servers’ operations, collecting high-value corporate secrets and sensitive government networks, and reported this back to the Chinese military.

Of course, both Apple and Amazon, two of the main companies mentioned on the report, have since denied the claims. Apple stated that the story is “wrong and misinformed,” while Amazon said there’s “so many inaccuracies in ‎this article as it relates to Amazon that they’re hard to count.”

But wait, the story gets an interesting twist:

It turns out that Apple cut ties with Super Micro last year due to security issues. While Apple’s spokesman denied there was a security concern, one of Super Micro’s senior managers stated that Apple has ended its business relationship with Super Micro because of the compromised systems in the App Store development environment. In relation to the recent Chinese spying story, Apple said that it had nothing to do with the decision to end the business relationship with Super Micro.

Coincidence or Not?

Backup from the Government

The Department of Homeland Security recently stated that based on current evidence, it believes Apple’s denial of claims that Chinese spies had planted surveillance micro-chips into its computer system. This statement followed a similar conclusion reached by the United Kingdom’s National Cyber Security Center, which announced that it has no reason to discredit Apple’s denial, but in contrary to their American counterparts, they urged anyone with credible information about these reports to contact them.

What’s Next?

This story hasn’t come to any conclusion yet, but as there’s no new evidences or intelligence that support Bloomberg’s report, Apple and Amazon’s denial will remain undoubtable, at least by official sources. There are many details beneath the surface and it is reasonable to assume that the public will never know the whole truth. Nonetheless, stay tuned for more news and updates regarding this fascinating story that is surely inspired by the best spy movies.