Apple and Amazon explicitly deny that their servers were compromised by Chinese chips. The report from Bloomberg claims that China spies were able to infiltrate the USA’s biggest tech companies by inserting microchips which is the size of “a grain of rice” into the Chinese-manufactured servers that are a part of the tech giants’ infrastructure.
This probably happens to be the boldest and surprising hardware hacking by a nation that is ever publicly reported. Furthermore, the chip is said to be infiltrated in nearly around 30 US companies, and all the companies said to have discovered the chips on their own and notified US authorities, but both Apple and Amazon are refusing the claim and saying that there is no truth in the story.
Furthermore, the chip is said to be siphoning off data and letting in new code like a Trojan Horse. Bloomberg also reports that Amazon and Apple discovered the hack through internal investigations and reported it to US authorities. However, the report doesn’t state any direct evidence that the data of users was stolen or tampered with, but both Amazon and Apple silently worked on removing the compromised servers from their infrastructure.
The attack was reportedly carried out via the US-based company Super Micro Computer Inc. The firm is one of the world’s biggest suppliers of server motherboards, and contracts out manufacturing to factories in China and other parts of the world. However, Bloomberg’s reporting has not been confirmed. At the moment, it is not clear who is telling the truth, but ultimately, it is the user data that is at stake.
Steve Schmidt, Chief Information Security Officer said:
As we shared with Bloomberg BusinessWeek multiple times over the last couple of months, this is untrue. At no time, past or present, have we ever found any issues relating to modified hardware or malicious chips in SuperMicro motherboards in any Elemental or Amazon systems. Nor have we engaged in an investigation with the government. There are so many inaccuracies in this article as it relates to Amazon that they’re hard to count.
Security will always be our top priority. AWS is trusted by many of the world’s most risk-sensitive organizations precisely because we have demonstrated this unwavering commitment to putting their security above all else. We are constantly vigilant about potential threats to our customers, and we take swift and decisive action to address them whenever they are identified.
Over the course of the past year, Bloomberg has contacted us multiple times with claims, sometimes vague and sometimes elaborate, of an alleged security incident at Apple. Each time, we have conducted rigorous internal investigations based on their inquiries and each time we have found absolutely no evidence to support any of them. We have repeatedly and consistently offered factual responses, on the record, refuting virtually every aspect of Bloomberg’s story relating to Apple.On this we can be very clear: Apple has never found malicious chips, “hardware manipulations” or vulnerabilities purposely planted in any server. Apple never had any contact with the FBI or any other agency about such an incident. We are not aware of any investigation by the FBI, nor are our contacts in law enforcement.