Report: China spy chips in servers
Pieces in devices used by U.S. tech firms, military, it says
China secretly inserted surveillance microchips into servers used by major technology companies, including Apple and Amazon.com, in a military operation likely to further inflame trade tensions between the United States and its leading source of electronics components and products, Bloomberg Businessweek reported Thursday.
The article detailed a sweeping, years-long effort to install the surveillance chips in servers whose motherboards — the brains of the powerful computers — were assembled in China. One affected company had its servers used by U.S. government clients, including Department of Defense data centers, Navy warships and the CIA in its drone operations.
The extent of the data
China collected from the surveillance chips was not clear from the report, and no consumer information was known to have been stolen, according to Bloomberg Businessweek. But it said a top-secret U.S. government investigation, dating from
2015 and involving the FBI, remains open.
White House national security adviser John Bolton said Chinese cyberattacks on the U.S. validate the Trump administration’s emphasis on offensive cyber-operations of its own. Separately, two Democratic lawmakers said the report shows the risk of Chinese cyber-espionage to U.S. companies and the government.
Bolton didn’t confirm whether the White House was aware of the Chinese hack before Bloomberg Businessweek’s report. “I don’t want to address anything that might touch on specific intelligence questions,” he told reporters.
“But I will say the Chinese efforts to threaten us in cyberspace and across the information technology spectrum are a very high priority for us — countering them, establishing structures of deterrence to prevent China from even thinking about doing it, touches on the offensive cyber-operations that the president has authorized,” Bolton said.
The article cited 17 unnamed sources, including industry insiders, and current and former U.S. officials. The Chinese government, Apple, Amazon and other involved companies disputed the report, and the FBI and U.S. intelligence officials declined to comment.
The U.S. and China are locked in a bitter and escalating trade war, in which hundreds of billions of U.S. and Chinese products are under tariffs.
The reported manipulation of electronics supply chains to U.S. companies is certain to sharpen long-standing questions about the crucial but uneasy relationship between the world’s two leading economies. American companies design and sell leading technology products, such as servers, laptop computers and smartphones, but they are built and assembled largely in China.
U.S. officials long have worried about the potential for altered microchips or other components to be secretly inserted into products and shipped to the United States and elsewhere, opening doors to long-term spying on computer users and their information networks.
Surveillance through altered hardware is more difficult to execute than more familiar hacks to software, but the results can be harder to remedy because the components must be detected and physically removed, or use of the hardware must be discontinued.
The surveillance microchips reportedly could have connected to outside computers and secretly downloaded software to bypass security protections elsewhere, such as passwords or encryption keys, stored elsewhere on the affected servers, enabling remote computerized spying.
The operation, which Bloomberg Businessweek attributed to a Chinese military unit that specializes in hacking hardware, worked by inserting a tiny, innocuous-looking microchip onto motherboards in servers produced by Supermicro, a leading supplier of such equipment based in San Jose, Calif. The company is American, but the motherboards were assembled mainly in China.
Both Apple and Amazon discovered the surveillance chips in 2015 and took steps to replace the affected servers, according to the report, which described close cooperation between U.S. investigators and affected companies. The report said dozens of companies may have used sabotaged servers in their data centers before the Chinese operation was detected.
On Thursday, Apple referred The Washington Post to its statement in the Bloomberg Businessweek story alleging that the reporting was inaccurate. “Apple has never found malicious chips, ‘hardware manipulations’ or vulnerabilities purposely planted in any server. Apple never had any contact with the FBI or any other agency about such an incident. We are not aware of any investigation by the FBI, nor are our contacts in law enforcement.”
The report also quoted denial of the reporting by Amazon Web Services, a cloud-services subsidiary of Amazon, which in 2015 acquired a company, Elemental, whose servers reportedly were affected by the Chinese operation. (The Washington Post is owned by Amazon chief executive Jeff Bezos.)
“It’s untrue that [Amazon Web Services] knew about a supply chain compromise, an issue with malicious chips, or hardware modifications when acquiring Elemental,” the Amazon statement said. “It’s also untrue that AWS knew about servers containing malicious chips or modifications in data centers based in China, or that AWS worked with the FBI to investigate or provide data about malicious hardware.”
Supermicro said in its statement, “We are not aware of any investigation regarding this topic nor have we been contacted by any government agency in this regard.”
“The report that China sought to infiltrate the computer chip supply chain, if true, is deeply disturbing and the latest example of the lengths that Beijing will go to in order to steal America’s official and commercial secrets,” U.S. Rep. Adam Schiff of California, the top Democrat on the House Intelligence Committee, said in a statement.
Earlier this year, a Commerce Department investigation that President Donald Trump ordered into Chinese trading practices found that China had hacked into U.S. businesses for commercial gain. The report referred to intelligence findings that took place during the administration of former President Barack Obama, and highlighted the ongoing nature of China’s hacking.
The investigation of the altered motherboards began during the Obama administration, people familiar with the matter said.