Proof-of-concept supply-chain poisoning: tiny, undetectable hardware alterations could compromise corporate IT

A little over a year ago, Bloomberg stunned the world with a report that claimed that Chinese intelligence services had figured out how to put undetectable, rice-grain-sized hardware implants into servers headed for the biggest US cloud and enterprise IT firms, and that when some of the victims discovered this fact, they quietly ripped out whole data-centers and replaced all their servers. Read the rest

A deep dive into the technical feasibility of Bloomberg's controversial "Chinese backdoored servers" story

Last October, Bloomberg published what seemed to be the tech story of the year: a claim that Supermicro, the leading supplier of servers to clients from the Pentagon and Congress to Amazon, Apple and NASA, had been targeted by Chinese spies who'd inserted devastating, virtually undetectable hardware backdoors into their motherboards by subverting a small subcontractor in China. Read the rest

Report: Chinese spies snuck tiny backdoor chips onto US corporate, government and military servers

According to an explosive report in Bloomberg, US spies and large corporate IT departments have had an open secret for years: the servers supplied by US hardware giant Supermicro for Elemental, Inc were sometimes infected with tiny hardware backdoors by Chinese spies during their manufacture; these superminiature chips were wired into the systems' baseboard management system and were able to accept covert software patches that would allow Chinese spies to utterly compromise both the servers and the networks they were connected to. Read the rest