US, UK back Amazon & Apple’s over Chinese microchip hack

US and UK officials have both released statements in support of Apple, Amazon and Supermicro saying there is no reason to doubt their assessments over a report on malicious Chinese microchips.

Bloomberg Businessweek cited over a dozen sources as saying China had implanted tiny spy chips inside equipment used by about 30 US companies, allegedly giving Beijing covert access to internal networks.

Background

China and the United States have long competed over trade, business, technology and military with the Asian giant predicted to overtake the US in GDP in the coming years. As the trade war between the two countries continues to intensify, their views on the internet, digital security and policies for intellectual property greatly differ.

China has been linked to several cyber espionage campaigns over the years targeting US tech, defense and energy firms. These continued efforts eventually led to the coining of the well-known term – Advanced Persistent Threat (APT). An APT group is a formidable threat group backed by an established nation state and focuses on exploitation, theft and persistent access to privileged systems over months or years.

US cybersecurity firm Mandiant – later acquired by FireEye – published an unprecedented report in 2013 that detailed the cyber operations of APT1, a threat group believed to be linked to Unit 61398 of the People’s Liberation Army (PLA). Multiple security firms have since tied several APT groups and their cyber espionage campaigns to the Chinese military.

In 2015, the US and China reached an agreement not to support or conduct cyber-enabled theft of intellectual property and trade secrets. Although this diplomatic effort was deemed significant progress, concerns still prevail over its effect on the scope and scale of cyberattacks between the two nations.

Read more of our extensive analysis of the Chinese microchip hack here

Analysis

The US Department of Homeland Security and the National Cyber Security Centre – a unit of Britain’s GCHQ – said there is “no reason” to doubt the assessments made by companies challenging a report on microchips implanted onto servers by Chinese intelligence services.

Bloomberg Businessweek, citing 17 unnamed intelligence and company sources, reported China secretly installed tiny chips on motherboards used for Supermicro servers. These servers eventually made their way inside the IT infrastructure of Apple, Amazon and 30 other companies. The chips were reportedly developed by a unit of China’s PLA.

The malicious microchips modified how the servers worked and could be used by attackers to manipulate operations, monitor and exfiltrate data and contact other computers controlled by the attackers. Bloomberg reported the supply chain attack gave Beijing covert access to internal networks and data. The scheme was reportedly discovered by US intelligence services in 2015.

Apple, Amazon and Super Micro have contested the report. Bloomberg said their denials are “countered by six current and former senior national security officials” who had knowledge of the Obama Administration’s discovery of the microchips and the investigation into the attack that has continued into the Trump administration.

An NCSC spokesperson said: “We are aware of the media reports but at this stage have no reason to doubt the detailed assessments made by AWS and Apple. The NCSC engages confidentially with security researchers and urges anybody with credible intelligence about these reports to contact us.”

The DHS followed up a day later with a similar statement.

While Bloomberg has stood by its reporting, security and infosec experts have criticized various aspects of the Bloomberg article including its inaccurate artwork, lack of technical details, and sources unwilling to go on the record. Still, they have emphasized that supply chain security risks do exist and are cause for serious concern, particularly when the manufacturing process is outsourced.

The report comes amid heightened tensions between the US and China as they continue to slap tit-for-tat tariffs on each other in an intensifying trade dispute. US Vice President Mike Pence recently accused China of attempting to influence the 2018 elections and undermine President Trump.

Assessment

Our assessment is that the heavily disputed Bloomberg report could fan tensions between the US and China amid the ongoing trade war, and take a toll on stock prices. We also feel that this does place necessary spotlight on hardware supply chain security at a time when focus is pivoted toward software attacks.