China Compromises Tech Companies With Malicious Microchips

Uploaded on 2018-10-08 in INTELLIGENCE--International, INTELLIGENCE-Hot Spots-China, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, NEWS-Cybersecurity News

An investigative report from Bloomberg  says that the Chinese military has successfully implanted malicious microchips in motherboards used by almost 30 US companies as well as intelligence agencies. 

Implanting microchips is a hardware hack that literally adds a piece that shouldn’t be there, opening a door for further attacks. 

The Bloomberg report is, however, disputed by several of the US technolgy companies allegedly affected.

What did the microchips do? 
The specific components added by a unit of the People’s Liberation Army allowed the motherboards to communicate with and be controlled or modified by an outside computer. That meant that these systems were pre-programmed to accept modifications, including, for example, manipulation of the requirement for a password. 

Bloomberg quoted Joe Grand, a hardware hacker, as saying that “Having a well-done, nation-state-level hardware implant surface would be like witnessing a unicorn jumping over a rainbow.” 

How did they get there? 
The motherboards with the malicious chips were manufactured in China for the US company Supermicro. That company assembles its products in the US, but its main product, motherboards, is manufactured in China. Supermicro, although not a household name for many Americans, supplies the hardware, often custom-built, for a wide range of companies and government agencies. 

That means that compromising the motherboards manufactured by Supermicro was an easy way to give China uninhibited access to key American industries and government operations. That’s exactly what happened. 

More specifically, the microchips themselves were manufactured by the Chinese military. Its officers then approached Chinese factories making motherboards for Supermicro and, with bribes and threats, had those microchips inserted during production. Those motherboards then became part of servers sold by Supermicro and used in US data centers. 

How was the problem discovered? 
As Bloomberg reports, the problem was discovered when Amazon looked into acquiring video compressing and formatting start-up Elemental Technologies. As part of its review, Amazon had a third-party security firm analyze Elemental’s servers.

That review found that within the motherboards used in the company’s servers was a tiny microchip that wasn’t part of the original design. 

Amazon reported this to US. authorities. Elemental's products, in addition to working on commercial projects like streaming the Olympics, also were used by the Department of Defense, CIA drone operations, and Navy warships. 

How big was the problem? 
The problem was much bigger than Elemental and affected almost 30 companies. That’s because it wasn’t just Elemental who used Supermicro motherboards, but more than 900 companies in 100 countries in 2015. The supply chain itself had been compromised. 

When did we learn about it? 
Intelligence sources had long said that the Chinese were attempting this sort of hardware attack, but the first report of activity targeted at Supermicro came in 2014 in a report made to the Obama White House. Washington was limited in its response because no attack had been reported and they had few details to act on. 

In May 2015, Apple reported suspicious activity to the FBI but kept the details quiet. Apple quietly cut ties with Supermicro soon after. The Amazon report to the FBI seems to have been much more cooperative and allowed better government understanding of the supply chain breach.

After that, Amazon also worked to cut ties with its data center in China and eventually sold it off. The full investigation, however, is still ongoing. 

What was China after? 
According to the Bloomberg report, Beijing wanted “long-term access to high-value corporate secrets and sensitive government networks.” Consumer data does not appear to have been the target. 
What do the companies involved have to say? 

Amazon, Apple, and Supermicro have all disputed the findings of Bloomberg’s report. Those statements, however, are disputed by the series of interviews, documents, and other information provided by both industry insiders and government officials involved in the matter to Bloomberg. 

What are some key takeaways? 
For one thing, this report undermines the long-held confidence that China wouldn’t want to try a hardware hack because it might hurt international trust in Chinese products driving lucrative manufacturing away from the country. It also means that although the US has been focused on software attacks, added vigilance on imported hardware is also necessary. 

Additionally, this means that China already likely has much, much more information on both US industry and military operations than was previously thought, and that Beijing is willing to aggressively and illegally go after this information. 

Finally, for President Trump’s promise of a better trade deal with China, it lends more credibility to claims of improper behavior on the part of Beijing, and perhaps justifies domestic production of key industries — not steel, but perhaps motherboards.

Washington Post:            Bloomberg

You Might Also Read:

New Microchip Increases Military Intelligence:

Modern Fiction: A Novel  Is Required Reading At The Pentagon:

 

« Google Is Building A Search Engine For Fact Checks
Buy A Dark Web Passport Scan For $15 »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

SANS Institute

SANS Institute

SANS is the most trusted and by far the largest source for information security training and security certification in the world.

Datto

Datto

Datto delivers a single toolbox of easy to use products and services designed specifically for managed service providers and the businesses they serve.

Cross Identity

Cross Identity

Cross Identity (formerly Ilantus Technologies) is a complete IAM solution that is deep, comprehensive, and can be implemented even by non-IT persons.

Axis Capital

Axis Capital

AXIS Insurance’s Professional Lines Division is a leading underwriter of technology/cyber coverage and other specialty products around the globe.

California Cybersecurity Institute (CCI) - Cal poly

California Cybersecurity Institute (CCI) - Cal poly

The CCI provides a hands-on research and learning environment to explore new cyber technologies and train and test tactics alongside law enforcement and cyberforensics experts.

Cynterra

Cynterra

Cynterra is a next generation cloud cyber security and data analytical service provider offering cloud security compliance, data protection, visibility and threat protection services.

Jerusalem Venture Partners (JVP)

Jerusalem Venture Partners (JVP)

JVP’s Center of Excellence in Be’er Sheva aims to identify, nurture and build the next wave of cyber security and big data companies to emerge out of Israel.

Ergo

Ergo

Ergo is a world-class IT Partner of choice, leveraging the latest technology available in cloud, mobility, big data, analytics, and social media.

SHIELD

SHIELD

SHIELD are the world’s leading cybersecurity company specializing in cyber fraud and identity solutions.

Everbridge

Everbridge

Everbridge provides enterprise software applications that automate and accelerate organizations’ operational response to critical events in order to keep people safe and businesses running.

Global Cybersecurity Association (GCA)

Global Cybersecurity Association (GCA)

GCA’s Symposium and conferences featuring global thought leaders and CISOs provide a global best practice perspective on cybersecurity.

evolutionQ

evolutionQ

evolutionQ delivers quantum-risk management strategies and robust cybersecurity tools designed to be safe in an era with quantum computing technologies.

Extreme Networks

Extreme Networks

Since 1996, Extreme has been pushing the boundaries of networking technology, driven by a vision of making it simpler and faster as well as more agile and secure.

SoftForum

SoftForum

SoftForum is a company specializing in next-generation information security solutions in the Quantum-Resistant-Cryptography (PQC) field.

Avalor

Avalor

Avalor are on a mission to help security teams make faster, more accurate decisions by making sense of their data. With Avalor you can bring in data from anywhere, normalize it and analyze it.

Transcendental Technologies

Transcendental Technologies

Transcendental is a consulting organization which specializes in customized assurance services in the fields of Localization, Mobile Software Solutions, Web Design, Cyber Security & Cyber Forensics.