Apple blasts Bloomberg’s report of Chinese infiltration

From Bloomberg’s story: How China infiltrated 30 top US companies by embedding a tiny chip on servers.

The chips had been inserted during the manufacturing process, two officials say, by operatives from a unit of the People’s Liberation Army. In Supermicro, China’s spies appear to have found a perfect conduit for what U.S. officials now describe as the most significant supply chain attack known to have been carried out against American companies.

One official says investigators found that it eventually affected almost 30 companies, including a major bank, government contractors, and the world’s most valuable company, Apple Inc. Apple was an important Supermicro customer and had planned to order more than 30,000 of its servers in two years for a new global network of data centers. Three senior insiders at Apple say that in the summer of 2015, it, too, found malicious chips on Supermicro motherboards. Apple severed ties with Supermicro the following year, for what it described as unrelated reasons.

From Apple’s statement: What Businessweek got wrong about Apple. 

Over the course of the past year, Bloomberg has contacted us multiple times with claims, sometimes vague and sometimes elaborate, of an alleged security incident at Apple. Each time, we have conducted rigorous internal investigations based on their inquiries and each time we have found absolutely no evidence to support any of them. We have repeatedly and consistently offered factual responses, on the record, refuting virtually every aspect of Bloomberg’s story relating to Apple…

We are deeply disappointed that in their dealings with us, Bloomberg’s reporters have not been open to the possibility that they or their sources might be wrong or misinformed. Our best guess is that they are confusing their story with a previously-reported 2016 incident in which we discovered an infected driver on a single Super Micro server in one of our labs. That one-time event was determined to be accidental and not a targeted attack against Apple.

My take: I’m with 9to5Mac’s Benjamin Mayo, who tweeted:

6 Comments

  1. Steven Noyes said:

    This is one of those…. Ahhhhh…. Hmmmmm…. Moments. I don’t doubt, for a second, China would not do such a thing even if it put in jeopardy their ability to provide electronics to the entire world. I also don’t see Apple being so ironclad if they were not reasonably certain what they said was true.

    I could believe there are a small number of people (spies or state actors) that know the truth one way or another. It could also be one of those G’Kar/Sinclair moments… You remember the B5 story, “The Gathering”, when Sinclair told G’Kar he slipped him a microscopic transmitter in his drink but there wasn’t one.

    Plant the seed of doubt to keep people guessing and spending resources looking for the non-existent needle.

    1
    October 4, 2018
  2. John Konopka said:

    This sort of thing sounds plausible to the general public, like the plot of a James Bond movie. A large computer board with hundreds of small parts seems like a good place to hide a chip like this. In real life there are lots of engineers who inspect these things in great detail. Not at every company but somewhere somebody is curious enough to check things in great detail, and to the right engineer these boards are not a confusing mess of small parts but a clearly understandable design.

    0
    October 5, 2018
    • David Emery said:

      A friend who is an authority on information assurance and I were discussing this. He has direct experience with Super Micro products. He said it would be very difficult for him to inspect these boards to determine if such a chip was actually present. He also noted that previous server boards had a daughterboard for their Management Extensions, which one could opt to not buy/use. Current boards have these features built-in, and it’s the Management Extensions stuff that is a big part of the ‘attack vector’ for this attack. (You might remember that Management Extensions on Intel chips were another information assurance vulnerability from last year. The “side doors” that make things easy to manage also make those things easy to attack.)

      So in short, my friend would not agree with your assertion that this would be easy to find through an inspection (visual and/or electronic) of the boards in question.

      1
      October 5, 2018
  3. Ken Cheng said:

    Given that Bloomberg/BW says 30 companies were compromised, you’d think that someone would leak some hard info, like a pic of the offending mobo with spy chip. There are just too many people in-the-know to keep it all under wraps, unless… it’s not exactly true.

    0
    October 7, 2018
