Would you use a Huawei smartphone? - Results (1 vote)
Yes
0% (0 votes)
0
No
100% (1 vote)
1
Nested on the servers motherboards, the testers found a tiny microchip, not much bigger than a grain of rice, that wasnt part of the boards original design. Amazon reported the discovery to U.S. authorities, sending a shudder through the intelligence community. Elementals servers could be found in Department of Defense data centers, the CIAs drone operations, and the onboard networks of Navy warships. And Elemental was just one of hundreds of Supermicro customers.
During the ensuing top-secret probe, which remains open more than three years later, investigators determined that the chips allowed the attackers to create a stealth doorway into any network that included the altered machines. Multiple people familiar with the matter say investigators found that the chips had been inserted at factories run by manufacturing subcontractors in China.
This attack was something graver than the software-based incidents the world has grown accustomed to seeing. Hardware hacks are more difficult to pull off and potentially more devastating, promising the kind of long-term, stealth access that spy agencies are willing to invest millions of dollars and many years to get.
---
In addition to the three Apple insiders, four of the six U.S. officials confirmed that Apple was a victim. In all, 17 people confirmed the manipulation of Supermicros hardware and other elements of the attacks. The sources were granted anonymity because of the sensitive, and in some cases classified, nature of the information.
One government official says Chinas goal was long-term access to high-value corporate secrets and sensitive government networks. No consumer data is known to have been stolen.
---
Since the implants were small, the amount of code they contained was small as well. But they were capable of doing two very important things: telling the device to communicate with one of several anonymous computers elsewhere on the internet that were loaded with more complex code; and preparing the devices operating system to accept this new code. The illicit chips could do all this because they were connected to the baseboard management controller, a kind of superchip that administrators use to remotely log in to problematic servers, giving them access to the most sensitive code even on machines that have crashed or are turned off.
---
Well before evidence of the attack surfaced inside the networks of U.S. companies, American intelligence sources were reporting that Chinas spies had plans to introduce malicious microchips into the supply chain. The sources werent specific, according to a person familiar with the information they provided, and millions of motherboards are shipped into the U.S. annually. But in the first half of 2014, a different person briefed on high-level discussions says, intelligence officials went to the White House with something more concrete: Chinas military was preparing to insert the chips into Supermicro motherboards bound for U.S. companies.