Menu
Apple, Amazon deny report on Chinese hardware attack

Apple, Amazon deny report on Chinese hardware attack

Bloomberg Businessweek cites 17 unidentified intelligence and company sources

Credit: Dreamstime

Apple and Amazon.com have denied a media report that their systems had been infiltrated by malicious computer chips inserted by Chinese intelligence, according to statements from the companies released by Bloomberg.

Bloomberg Businessweek cited 17 unidentified intelligence and company sources as saying that Chinese spies had placed computer chips inside equipment used by about 30 companies and multiple U.S. government agencies, which would give Beijing secret access to internal networks.

Representatives of Apple, the FBI and Department of Homeland Security could not be reached for comment by Reuters, while a National Security Agency spokeswoman said she had no immediate comment.

China's Ministry of Foreign Affairs did not respond to a written request for comment. Beijing has previously denied allegations of orchestrating cyber attacks against Western companies.

Apple said it had refuted "virtually every aspect" of the story in on-record responses to Bloomberg. "Apple has never found malicious chips, 'hardware manipulations' or vulnerabilities purposely planted in any server," the company said. Amazon Web Services (AWS) said it found no issues.

Bloomberg said its report was accurate.

"Seventeen individual sources, including government officials and insiders at the companies, confirmed the manipulation of hardware and other elements of the attacks," Bloomberg said in a statement. "We stand by our story and are confident in our reporting and sources."

The story reported that malicious chips were planted by a unit of the Chinese People's Liberation Army, which infiltrated the supply chain of computer hardware maker Super Micro Computer.

The operation is thought to have been targeting valuable commercial secrets and government networks, the news agency said.

In a blog post on the Bloomberg report, Amazon Web Services said: "At no time, past or present, have we ever found any issues relating to modified hardware or malicious chips in Super Micro motherboards in any Elemental or Amazon systems. Additionally, we have not engaged in an investigation with the government."

Super Micro Computer shares fell 38 per cent to US$13.26 in Pink Sheet trading. They had fallen as low as US$8.50 earlier in the session.

San Jose, California-based Super Micro said it strongly denies reports that servers it sold to customers contained malicious microchips in the motherboards of those systems.

It said it has never found any malicious chips, has not been informed by any customer that such chips have been found, and has never been contacted by any government agencies on the matter.

Bloomberg reported that AWS uncovered the malicious chips in 2015 when examining servers manufactured by a company known as Elemental Technologies, which AWS eventually acquired.

The investigation found that Elemental servers, which were assembled by Super Micro, were tainted with tiny microchips that were not part of their design, Bloomberg said.

Amazon reported the matter to U.S. authorities, who determined that the chips allowed attackers to create "a stealth doorway" into networks using those servers, the story said.

AWS told Bloomberg it had re-reviewed its records related to the Elemental acquisition and "found no evidence to support claims of malicious chips or hardware modifications."

Bloomberg also reported that Apple in 2015 found malicious chips in servers it purchased from the hardware maker, then stopped doing business with Super Micro in 2016 for reasons that were not related, citing three unidentified company insiders.

Apple denied the account, saying it had investigated the claims.

"On this, we can be very clear: Apple has never found malicious chips, 'hardware manipulations' or vulnerabilities purposely planted in any server," Apple told Bloomberg.

The report coincides with the increasing concerns of authorities in the United States about foreign intelligence agencies infiltrating U.S. government agencies and private companies via so-called "supply chain attacks," particularly from China where many global tech firms outsource their manufacturing.

The U.S. government on Wednesday warned that a hacking group widely known as cloudhopper, which Western cyber security firms have linked to the Chinese government, has launched attacks on technology service providers in a campaign to steal data from their clients.

Two prominent U.S. cyber security companies warned this week that Chinese hacking activity has surged amid a trade war between Washington and Beijing.

(Reporting by Jack Stubbs in London; Sweta Singh in Bangalore; Christopher Bing in Washington; Kenneth Li in New York, Adam Jourdan in Beijing; writing by Jim Finkle; editing by Nick Zieminski and Grant McCool)


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Appleamazoncyber

Events

Featured

Slideshows

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

This year’s Reseller News 30 Under 30 Tech Awards were held as an integral part of the first entirely virtual Emerging Leaders​ forum, an annual event dedicated to identifying, educating and showcasing the New Zealand technology market’s rising stars. The 30 Under 30 Tech Awards 2020 recognised the outstanding achievements and business excellence of 30 talented individuals​, across both young leaders and those just starting out. In this slideshow, Reseller News honours this year's winners and captures their thoughts about how their ideas of leadership have changed over time.​

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners
Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

This exclusive Reseller News Exchange event in Auckland explored the challenges facing the partner community on the cloud security frontier, as well as market trends, customer priorities and how the channel can capitalise on the opportunities available. In association with Arrow, Bitdefender, Exclusive Networks, Fortinet and Palo Alto Networks. Photos by Gino Demeer.

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security
Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomed 2019 inductees - Leanne Buer, Ross Jenkins and Terry Dunn - to the fourth running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing face of the IT channel ecosystem in New Zealand and what it means to be a Reseller News Hall of Fame inductee. Photos by Gino Demeer.

Reseller News welcomes industry figures at 2020 Hall of Fame lunch
Show Comments