Telecom Company Uncovers Further Evidence of Chinese Hardware Hack

Remigio Civitarese
Ottobre 11, 2018

"It would be wonderful for China if it could integrate internal storage, a CPU and wireless communications in such a tiny chip", Zhang Baichuan, a Chinese cybersecurity expert, told SCMP, adding, "The fact is, China's chip technology is still at a primary stage".

The Bloomberg story doesn't identify the telecommunications company "due to Appleboum's nondisclosure agreement with the client".

This time, the attack was admittedly different, and the details revealed an "implant" in the server's ethernet connector, which triggered "unusual communications", which techies at the telecom company were unable to account for.

An unnamed USA telecommunications giant discovered evidence of "manipulated hardware" supplied by Supemicro and removed the compromised device from its network, according to a Bloomberg report Tuesday, days after the company rejected a report that Chinese agents had compromised its devices.

Yossi told Bloomberg he's seen similar manipulations in other vendors' hardware made by contractors in China. "Supermicro is a victim - so is everyone else".

"The module looks really innocent, high quality and "original" but it was added as part of a supply chain attack", said Appleboum.

"The security of our customers and the integrity of our products are core to our business and our company values", Supermicro said in a statement. We take care to secure the integrity of our products throughout the manufacturing process, and supply chain security is an important topic of discussion for our industry. We still do not know any unauthoriszed components and have not been informed by any customer that such components have been found. According to Bloomberg, the intent of the implant is to "give attackers invisible access to data on a computer network in which the server is installed" and the alterations were allegedly made at the same factory used by a Supermicro subcontractor in China.

While targeted companies have been quick to refute the hack, United States officials are not discarding it outright and did not comment on the goings-on.

FitzPatrick raised his concerns with Bloomberg as the story was initially described to him before publishing - "Wow, this doesn't make sense", he remembers as his reaction - and after publishing, in an email, but both times was reassured that other sources had corroborated the details of the hacking.

"The Department of Homeland Security is aware of the media reports of a technology supply chain compromise", the Department of Homeland Security said.

Bloomberg claimed that its report is getting results, as security teams around the world are now "analyzing their servers and other hardware for modifications, a stark change from normal practices". Registration information and the schedule can be found on the website. "The fact is, China's chip technology is still at a primary stage". Bloomberg says it stands by its reporting.

That latest piece comes after one of the experts in the original story gave an interview in which he expressed his concern about the finished piece and questioned whether Bloomberg had done sufficient fact checking before publishing.

While the hardware manipulation reported Tuesday is different from the one described last week, Bloomberg said they shared key characteristics, namely that they were both created to "give attackers invisible access to data on a computer network in which the server is installed".

On Monday, Apple execs sent a letter to the House and Senate commerce committees urging lawmakers to pressure Supermicro to brief them about the alleged breach.

Altre relazioniGrafFiotech

Discuti questo articolo

Segui i nostri GIORNALE