privacy security

The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies – Bloomberg

Bloomberg’s big story on alleged China hacking through server hardware implants. If true, it would be an absolutely incredible feat, equivalent in terms of impressiveness to the Stuxnet worm.

The attack by Chinese spies reached almost 30 U.S. companies by compromising America’s technology supply chain.

Source: The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies – Bloomberg

At the moment, Bloomberg seems to double-down on its story with the following statement:

“Bloomberg Businessweek’s investigation is the result of more than a year of reporting, during which we conducted more than 100 interviews,” a spokesperson told BuzzFeed News in response to a series of questions. “Seventeen individual sources, including government officials and insiders at the companies, confirmed the manipulation of hardware and other elements of the attacks. We also published three companies’ full statements, as well as a statement from China’s Ministry of Foreign Affairs. We stand by our story and are confident in our reporting and sources.”

It’ll be interesting to see who’s telling the truth as the story develops. Meanwhile, governments and companies around the world should be in panic mode, as they try to figure out if they are using Supermicro servers, and if so, whether they are affected by the so-called hacking.

(2018-Oct-04) Apple and Amazon both issued strong denials to the claims of the article.

(2018-Oct-04) Separately, Apple and Amazon both issued even stronger statements on their website to set the record straight on the matter.

(2018-Oct-05) Buzzfeed’s coverage of the story also seem to indicate that even senior staff in Apple doesn’t know about the alleged hacks.

(2018-Oct-20) Apple CEO Tim Cook Is Calling For Bloomberg To Retract Its Chinese Spy Chip Story

(2018-Oct-23) Amazon cloud chief Jassy follows Apple in calling for retraction of Chinese spy chip story