Apple, Amazon deny Chinese spy chips in hardware
Apple and Amazon are denying a report claiming spy chips from China were found in hardware they use.
According to Bloomberg, tiny microchips were found on motherboards of servers assembled by the San Jose company Super Micro Computer. An official cited anonymously by Bloomberg said the supply chain-level breach affected almost 30 companies, including Amazon Web Services and Apple.
Three years ago, Amazon considered a possible acquisition of Elemental Technologies – which used servers built by Super Micro – to help bolster its Web Services, according to the report, but grew wary after uncovering security issues, including the microchips. Amazon eventually acquired Elemental in September 2015. In 2015, three senior insiders at Apple – once a big customer of Super Micro – discovered the malicious chips, the report said. Apple stopped working with Super Micro a year later for undisclosed reasons.
When contacted by USA TODAY, Apple pointed to its statement on Bloomberg’s website denying the report. “On this we can be very clear: Apple has never found malicious chips, ‘hardware manipulations’ or vulnerabilities purposely planted in any server,” the company said. Amazon called the report “erroneous” in a blog post published Thursday. “At no time, past or present, have we ever found any issues relating to modified hardware or malicious chips in Super Micro motherboards in any Elemental or Amazon systems,” the company said.
In a statement Thursday, Bloomberg News said the story required more than a year of reporting and more than 100 interviews. They also said 17 individual sources confirmed the manipulated hardware. “We stand by our story,” Bloomberg News said.
U.S. investigators found the chips were added to the motherboards during the manufacturing process in China, the Bloomberg report said. An unnamed government official told Bloomberg the goal was securing long-term access to government networks and “high-value corporate secrets.”