contador web Skip to content

China reportedly used a microchip to spy on Apple and others; companies deny [atualizado]

Espionage has existed since the world is world. The difference is that now, with all of this technology surrounding us, a lot has evolved. Want an example? So here it goes: the Bloomberg Businessweek He said that data centers operated by Apple, Amazon and many other American companies (about 30 in total) – as well as US government agencies – may have been the target of surveillance by the Chinese government.

Bloomberg Businessweek cover about possible spying from ChinaCover Bloomberg Businessweek about possible espionage from China

As everything in the world today is manufactured in China, the government would have taken advantage of this advantage to insert a microchip in this equipment during its manufacture. Such information would have been passed on to the Bloomberg Businessweek by no less than 17 anonymous sources from the government and the companies themselves, as reported by Reuters.

Also according to Bloomberg Businessweek, the chips – which would have been implanted by the Chinese company Super Micro – were used to gather intellectual property and trade secrets of American companies. Such chips, however, have been under investigation by the US government since 2015.

Some of the companies involved in the story (Apple, Amazon and Super Micro), as expected, countered the report. Apple said it did not find the chips in its equipment; Amazon said it found no evidence to support such an accusation; Super Micro has denied that it introduced such chips during manufacturing; the Ministry of Foreign Affairs of China, for its part, said that “China is a resolute defender of cybersecurity”.

Here is the statement that Apple gave to CNBC:

We are deeply disappointed that in conversations with us, reporters from Bloomberg they were not open to the possibility that they or their sources could be wrong or misinformed. Our best guess is that they’re confusing the story with an incident reported in 2016, in which we discovered a driver infected on a single Super Micro server in one of our labs. This one-off event was concluded as an accidental one and not as a targeted attack against Apple.

Alleged Chinese spy microchip inserted into servers used by Apple and other companiesAlleged Chinese spy microchip inserted into servers used by Apple and other companies

To the Bloomberg, the problem was discovered in 2015 and was even confirmed by independent security researchers hired by the companies. Super Micro’s servers were reportedly removed from Apple’s infrastructure that year, according to the report, which also stated that ties with Super Micro were severed in 2016. A follow-up investigation involving several government agencies was also conducted and concluded that user data was not stolen as part of the alleged Chinese government espionage.

The fact is, if Chinese component manufacturers (like Huawei and ZTE) were already in the US’s sights before this story came up, imagine now! It is not for nothing that the discussion around intellectual property theft is one of the main arguments for the trade restrictions that the American government has been imposing on China under the baton of Donald Trump.

Something tells me that this story is very, very far from over.

Update Oct 4, 2018 at 17:12

Apple has now released a press release reinforcing that the Bloomberg Businessweek “Incorrectly reports that Apple found ‘malicious chips’ on servers in its network in 2015” and that “repeatedly explained to reporters and editors at Bloomberg in the past 12 months ”that these allegations are not true.

In addition to repeating the long statement given to Bloomberg (one of her excerpts is in the quote above, also given to the CNBC), Apple said reporter Jordan Robertson’s claims (that the problem had been detected by Apple in a random scan of some problem servers) are false, repeating that it “never found malicious chips” on its servers.

To make its position clear, Apple also informed that it is not under any kind of gag order or other confidentiality obligations imposed by the government.