Network cables in a server room in New York (stock photo). Photo: Michael Bocchieri (Getty Images) chain of microchip manufacturer…
Network cables in a server room in New York (stock photo). Photo: Michael Bocchieri (Getty Images) chain of microchip manufacturer Super Micro, who installed small spyware chips that made it possible for them to connect systems that belong to nearly 30 US companies have been denied by Homeland Security, Apple and Amazon. Now, Super Micro and Amazon executives follow Apple CEO Tim Cook’s leadership and demanded public retrieval of the story, Verge Monday reported.
Apple has repeatedly denied the story, including in letters to Congress. Cook told BuzzFeed News that it was “no truth” in the story last week and said “They must do the right thing” and pull in the piece. Now, Amazon Web Services Manager Andy Jassy and Super Micro CEO Charles Liang have issued similar calls.
“@ tim_cook is right. The Bloomberg story is wrong about Amazon too,” Jassy tweeted. “They offered no evidence, the story continued to change and showed no interest in our answers if we could not validate their theories. Reporters played or took freedoms. Bloomberg should withdraw.”
“Bloomberg will act responsibly and withdraw its unsupported claims that harmful hardware components were implanted in the motherboard during the manufacturing process” Liang told CNBC Steve Kopack . “… Bloomberg has not produced a single affected motherboard, we have not seen any harmful hardware components in our products, no authority has contacted us about harmful hardware components, and no customer has reported any harmful hardware components either.”  In a separate letter from Super Micro to the Securities and Exchange Commission received by the Wall Street Journal, the company added that “despite the lack of evidence that a malicious hard disk drive exists, we make a complicated and time-consuming review to further address the article. “
Super Micro’s stock plummeted after the original story.
While denials are unusually strong and skepticism has built in a few quarters of the allegations, Bloomberg has left the story and published an additional account from security expert Yossi Appleboum that he had discovered a bugged Super Micro Ethernet connector in the server of a large telecom. (Appleboum also said he had found similar tools before and such security holes affect the entire Chinese supply chain.) Bloomberg also insisted that the DHS denial was not ironed because a separate agency, the FBI, ran the investigation about the bugged equipment wrote the registry:  It’s a likely explanation. It is also possible that Apple and Amazon have walled-off security arms that do not communicate with the larger corporate body, and they discovered spy chips and worked with intelligence agencies. Such a company dissociation would provide a buffer that allows managers to deny their business or concerns.
Just as likely, however, Bloomberg’s reporters made mistakes in reporting, and the organization failed to check the article satisfactorily. Or they stumbled on an intelligence information campaign and reported the effectiveness of certain groups of people.
No physical examples of the alleged bugged equipment have yet come up.
The original report seemed to match other concerns from Western governments and companies that Chinese manufacturers could be compromised by intelligence operators. Best buy, for example, stopped selling Huawei devices earlier this year, and Chinese companies may be suspended from inviting US 5G network expansion contracts. US legislators have also warned that networking equipment produced by Huawei and ZTE represents a national security threat, even though the companies concerned have denied allegations.
Chinese hackers allegedly stood stalas trade secrets from US companies for several years before an international agreement from 2015 seemed cool trend. (According to Axios, CrowdStrike co-founder Dmitri Alperovitch said the cyber attacks appear to have picked up again from last year.) But many of the recent claims have come at a time when Donald Trump’s decision to launch trade war has already strained relations with China and the primary short-term effect of Spy claims have been to put fuel in the fire. In that sense, it has been difficult to distinguish allegations based in truth from those who may be bluster.
With the big companies involved united in requiring a retreat, the battle over Super Micro hacking claims will likely continue. In a statement to the newspaper on Monday, a Bloomberg spokesman wrote that 17 different people “confirmed the manipulation of hardware and other elements of the attacks …. We are stuck in our history and are convinced of our reporting and sources.”  [The Verge]