Topic: China Compromises 30 Top Companies With Altered Server Hardware - Bloomberg

Michael in ABQ

  • Magnum Stache
  • ******
  • Posts: 2626
Bottom line up front, Chinese spies have managed to infiltrate the global supply chain for the top manufacturer of server hardware that powers many of the largest companies in the world. This was accomplished through inserting tiny chips directly into the motherboards of servers. So far the two biggest targets, Apple and Amazon, deny that their systems were breached. We're reaping the rewards of outsourcing virtually all computer hardware manufacturing to China over the last few decades. Very interesting article that just came out today. This is going to have major repercussions throughout the global tech industry - really the whole underpinning of cloud computing and the internet.

The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies

https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

Quote
The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain, according to extensive interviews with government and corporate sources.


GuitarStv

  • Senior Mustachian
  • ********
  • Posts: 23128
  • Age: 42
  • Location: Toronto, Ontario, Canada
Yeah, China has been doing an awful lot of hacking in recent history.  I worked for a very large company that designed trains and twice in the past six years we had hacking attacks from China and data stolen.  We actually had to modify an awful lot of security practices specifically because of China.

Just Joe

  • Walrus Stache
  • *******
  • Posts: 6720
  • Location: In the middle....
  • Teach me something.
I've often wondered why big companies don't air-gap servers and computers containing sensitive information. 

GuitarStv

  • Senior Mustachian
  • ********
  • Posts: 23128
  • Age: 42
  • Location: Toronto, Ontario, Canada
Quote
I've often wondered why big companies don't air-gap servers and computers containing sensitive information.

For us, it was because the ability to remote access sensitive information for engineers in the field for debugging was very important.

Michael in ABQ

  • Magnum Stache
  • ******
  • Posts: 2626
Quote
I've often wondered why big companies don't air-gap servers and computers containing sensitive information.

If you do that you lose the efficiency of having a network. Think about something like the design for a fighter jet. Thousands of people need access to various parts of the design. It would be very difficult to restrict all of that access to an air-gapped network. Especially when they purposefully subcontract out work to as many congressional districts as possible.

vern

  • Pencil Stache
  • ****
  • Posts: 592
Sun Tzu.

scottish

  • Magnum Stache
  • ******
  • Posts: 2716
  • Location: Ottawa
I'm pretty interested in more details about how this works.

Paraphrasing, the article claims that the chip is connected to the little management processor on the server (not the CPU) and that it can somehow call home to load malicious software onto the server itself... If you can do that, then I think you've pretty thoroughly penetrated the target network.


Paul der Krake

  • Walrus Stache
  • *******
  • Posts: 5854
  • Age: 16
  • Location: UTC-10:00
Quote
I've often wondered why big companies don't air-gap servers and computers containing sensitive information.

If your computers can't talk to anyone, they're not going to be very useful. Might as well use a filing cabinet in a basement.


GuitarStv

  • Senior Mustachian
  • ********
  • Posts: 23128
  • Age: 42
  • Location: Toronto, Ontario, Canada
Quote
Might as well use a filing cabinet in a basement.

That's exactly what an air-gap server is!  Just a high tech filing cabinet in the basement.

ketchup

  • Magnum Stache
  • ******
  • Posts: 4323
  • Age: 33
Quote
I'm pretty interested in more details about how this works.

Paraphrasing, the article claims that the chip is connected to the little management processor on the server (not the CPU) and that it can somehow call home to load malicious software onto the server itself... If you can do that, then I think you've pretty thoroughly penetrated the target network.

Most server boards have out-of-band management, meaning an extra dedicated network interface that is completely independent of the main OS and CPU.  It's typically used to monitor things like internal temperatures, voltages, etc., but can also be used to remotely control the host server as if you were in front of it (send keyboard and mouse commands and see what would be on a monitor).

From what I understand in the Bloomberg article, this was their target.  If you compromise that, you essentially have full access to the entire server as if you were standing in front of it.

Michael in ABQ

  • Magnum Stache
  • ******
  • Posts: 2626
Interesting that Amazon, Apple, and SuperMicro are all completely denying this (as is the Chinese government of course). I doubt that Bloomberg made this up entirely out of whole cloth. This is certainly technically feasible since Chinese companies comprise most of the global supply chain for computers. It would also fit their MO of trying to penetrate these types of systems for industrial espionage plus plain old-fashioned government-to-government espionage. I could absolutely see this type of information being classified Top Secret - the NSA's efforts to compromise computers as revealed by Edward Snowden were certainly Top Secret. Could be that the people making these denials either honestly don't have knowledge of these breaches - or they can't disclose it due to national security restrictions. To say nothing of the deep damage it could do to their reputation.

scottish

  • Magnum Stache
  • ******
  • Posts: 2716
  • Location: Ottawa
Alternatively it could be a false flag operation being run by one of the US intelligence agencies as part of the orange troll's trade war with China.

Here's hoping that the right folks get their hands on one of these motherboards and reverse engineer it.

marty998

  • Walrus Stache
  • *******
  • Posts: 7372
  • Location: Sydney, Oz
Can't say I'm surprised. Everyone spies on each other.

Every Apple Phone is manufactured in China.... that's a little scary. I guess the PLA know I spend all my internet time on MMM and a few other investment forums. Hi guys!