It has all there hallmarks of being a major spying scandal. Tiny chips inserted in United States computer equipment manufactured in China were used as part of a vast effort by Beijing to steal technology secrets, a published report has revealed.
The Bloomberg Businessweek article said the chips, the size of a grain of rice, were used on equipment made for Amazon, which first alerted US authorities, and Apple, along with possible government agencies.
The report stated a three-year secret investigation, which remains open, enabled spies to create a “stealth doorway” into computer equipment, a hardware-based entry that would be more effective and harder to detect than a software hack.
Citing unnamed US officials, Bloomberg said a unit of the People’s Liberation Army were involved in the operation, which placed the chips on equipment manufactured in China for US-based Super Micro Computer Inc.
Supermicro also manufactured equipment for Department of Defense data centers, the CIA’s drone operations, and onboard networks of Navy warships, the report pointed out.
The report said Amazon discovered the problem when it acquired software firm Elemental and began a security review of equipment made for Elemental by California-based Supermicro.
According to Bloomberg, the spy chips were designed for motherboards – the nerve centers for computer equipment – used in data centers operated by Apple, Amazon Web Services and others.
Apple said in a statement it “has never found malicious chips, ‘hardware manipulations’ or vulnerabilities purposely planted in any server.”
A statement by Amazon to AFP said that “at no time, past or present, have we ever found any issues relating to modified hardware or malicious chips in Supermicro motherboards in any Elemental or Amazon systems.”
Supermicro could not immediately be reached for comment, but Bloomberg said the firm denied any knowledge of the espionage or investigation.
In a statement, the Chinese Foreign Ministry denied the country was involved, or had been involved, in cybespying
“China is a resolute defender of cybersecurity,” it stated. “Supply chain safety in cyberspace is an issue of common concern, and China is also a victim … We hope parties make less gratuitous accusations and suspicions but conduct a more constructive talk and collaboration so that we can work together in building a peaceful, safe, open, cooperative and orderly cyberspace.”
– reporting by AFP