Russia-based cybersecurity company Kaspersky Lab today said that while „hardware supply chain attacks are a reality,“ evidence suggests Bloomberg Businessweek’s report about Chinese intelligence tampering with server motherboards manufactured by Apple’s former supplier Supermicro is „untrue.“
Apple data center Kaspersky Lab said the report „should be taken with a grain of salt“ in its 14-page analysis of the alleged attack, obtained by MacRumors:
The stories published by Bloomberg in October 2018 had a significant impact. For Supermicro, it meant a 40% stock valuation loss. For businesses owning Supermicro hardware, [...]
Rob Joyce, Senior Advisor for Cybersecurity Strategy at the NSA, is the latest official to question the accuracy of Bloomberg Businessweek’s bombshell „The Big Hack“ report about Chinese spies compromising the U.S. tech supply chain.
„I have pretty good understanding about what we’re worried about and what we’re working on from my position. I don’t see it,“ said Joyce, speaking at a U.S. Chamber of Commerce cyber summit in Washington, D.C. today, according to a subscriber-only Politico report viewed by MacRumors.
„I’ve got all sorts of commercial industry freaking out and just losing their minds about [...]
Bloomberg Businessweek today reports that around three years ago, the Chinese military began inserting microchips on Supermicro server motherboards while they were being manufactured in China, providing the Chinese government with a stealth doorway into any network that used the tampered hardware.
The report cites an official who said investigators found the attack eventually affected nearly 30 companies, including Apple and Amazon, along with a major bank and government contractors in the United States.
The microchip was placed on the motherboards in a way that allowed it to inject its own code or alter the order of the instructions the CPU was meant to follow, [...]