China 'put tiny chips in USA computers to steal tech secrets'

Share

These chips could then reportedly be activated to compromise the networks of enterprise companies.

Apple - which tends to refrain from issuing direct responses to specific reports - has taken the unorthodox step of categorically denying Bloomberg's revelations.

In a statement to Bloomberg Businessweek that was also provided to Fox News, Apple said that Bloomberg's reporting is "inaccurate" and the sources in the story might be "wrong or misinformed".

Bloomberg ran its original story with information from 17 unnamed intelligence and company sources. The surveillance microchips reportedly could have connected to outside computers and secretly downloaded software to bypass security protections elsewhere, such as passwords or encryption keys, stored elsewhere on the affected servers, enabling remote computerized spying. Not part of the motherboards' original design, the malicious chips are believed to have been implanted at factories run by Chinese manufacturing subcontractors and created to offer "long-term access to high-value corporate secrets and sensitive government networks". In total, Bloomberg says, the hack allowed the Chinese government to spy on nearly 30 American companies.

Tariffs "would cause broad, disproportionate economic harm to USA interests, including our companies and U.S. workers, our customers, United States consumers, and broader U.S. economic and strategic priorities", the letter read.

A third-party security testing firm hired by Amazon found the chips on servers from a company called Elemental Technologies, which Amazon acquired to bolster its streaming video business, according to the report.

Bloomberg said the denials were countered by testimony from "six current and former national security officials" as well as insiders at both Apple and Amazon who had detailed the investigation and its aftermath. These motherboards have been used in servers by companies like Amazon and Apple as well by at least 28 other USA companies and organisations.

Bloomberg's sources claim that Apple removed about 7,000 Super Micro servers from its data centers in 2015 after discovering the malicious chips.

Both Apple and Amazon discovered the surveillance chips in 2015 and took steps to replace the affected servers, according to the report, which described close cooperation between US investigators and affected companies.

According to Bloomberg, the goal of the hack was not to gain consumer data, but rather to have "long-term access to high-value corporate secrets and sensitive government networks". Apple never had any contact with the Federal Bureau of Investigation or any other agency about such an incident.

The tech giant further stated that it was "accidental" and was not a "targeted attack against Apple". Apple and AWS deny these moves involving Super Micro were related to chip worries.

Meanwhile, Beijing didn't directly address questions about manipulation of Supermicro servers, issuing a statement that read, in part: "Supply chain safety in cyberspace is an issue of common concern, and China is also a victim".

Share