This report read like a real nightmare in the tech industry: Chinese military hackers had been able to install spy chips in server for Apple and Amazon . The companies hold against it with unusually sharp denials.
Cupertino / Seattle (AP) – Apple and Amazon have emphatically denied a media report claiming they have spied China spywareon their servers.
The financial service Bloomberg , citing unnamed government officials and Apple executives, said the tiny components allowed attackers to take control of the servers and extract information. Around 30 US companies were potentially affected, it said.
If the report is confirmed, it would probably be the biggest data espionage affair since the revelations of whistleblower Edward Snowden . The former NSA employee uncovered large-scale NSA and GCHQ intelligence and spy espionage activities in the US and UK in 2013 .
In the Bloomberg report, however, initially only Apple and Amazon are named. The companies reacted on Thursday with unusually detailed denials. ” Apple has never found malicious chips,” manipulated hardware “or intentionally placed vulnerabilities in servers,” said the iPhone corporation. Also you have – unlike Bloomberg shown – never informed the FBI about suspicious chips. Only once was an infected driver found on a server of the Bloomberg supplier Super Micro in the Apple lab. It was not a targeted attack against Apple been found.
Amazon also stated that they had found no confirmation for allegations about espionage chips or modified technology. Bloomberg had written that the online retailer had discovered the suspicious technology in 2015 in the acquisition of the company Elemental Technologies.
Zugleich ist aber auch der Bloomberg-Bericht sehr detailreich. Demnach laufen bereits seit drei Jahren geheime Ermittlungen der US-Behörden im Zusammenhang mit den Spionage-Chips. Die Ermittler hätten herausgefunden, dass sie in Fabriken in China in die Elektronik der Server von Super Micro eingeschleust worden seien und vermuteten chinesische Militärhacker dahinter. Deren Ziel sei es gewesen, langfristigen Zugang zu Geheimnissen von Unternehmen und Behörden zu bekommen, habe einer der Regierungsmitarbeiter erklärt. Um Kundendaten sei es nicht gegangen. Server mit Technik von Super Micro seien unter anderem in Banken, bei Anbietern von Cloud-Diensten und Web-Hostern im Einsatz.
Super Micro said the company was not aware of any investigation into the allegations and that it had not been contacted by any government agency. At present, the US-China trade conflict is worsening and US President Donald Trump is trying to get American companies to more high-tech production in their home country. From the Apple denial it also emerges that Bloomberg was at least since November 2017 to the story.
Apple said that the group had no corresponding FBI investigations known. And unlike Bloomberg , the assistance software never ran on Super Micro servers. 2000, however, have been used for the acquired by Apple social media analysis company Topsy. “No malicious chips have ever been found on any of these servers.” To prevent further speculation Apple emphasized that the group had not been muzzled by the authorities have missed and not under other secrecy agreements stand.
At the same time had already written in February, the industry service “The Information”, Apple 2016 ended the relationship with Super Micro after a potential security vulnerability was found on a server.
In another article on the night of Friday, Bloomberg wrote that Facebook was also affected by another type of attack on Super Micro’s servers. In the process, operating software prepared for the devices was loaded, with which attackers could divert data. She had been intalliert over a groomed update function. Facebook told Bloomberg that Super Micro hardware was only used for laboratory testing and will be phased out.