The publication has unveiled new “evidence” of surveillance of US companies.
In August 2018, a large US telecommunications company discovered a spy chip in the Ethernet port of its Super Micro server. This was reported by Bloomberg, citing security expert Yossi Applebouma, who allegedly personally found the bug.
Applebaum claims to have noticed a hardware implant when a large American telecom company hired his company Sepio Systems to check the security of its equipment. According to the expert, a spy chip was found in the Ethernet port through which the servers are connected to the network.
The connector of one of the Super Micro production servers allegedly started issuing suspicious outgoing traffic and after a physical inspection it turned out that a bug was sewn inside it. According to Applebaum, on the net, it looked like two devices in one. The real server sent data on one channel, and the implant – on another, but all the traffic seemed to come from a single trusted server, and therefore passed through security filters.
The expert noted that the metal sides of the Ethernet connector instead of the plastic ones became the key sign of the presence of the implant. Manufacturers did this intentionally, since the spy chip, which was a mini-computer, needed cooling, and the metal conducts heat better.
According to Applebaum, during his work, he encountered similar manipulations in devices from different manufacturers and Super Micro “just a victim”. The expert believes that the problem lies in the use of a chain of Chinese suppliers, at the factory of each of which can introduce bugs. Applebaum noted that in the case of the telecom company, the bug was introduced at a factory in Guangzhou during the production of the chip itself, and not the server assembly.
Applebaum refused to disclose the name of the company, citing a non-disclosure agreement. The publication appealed to the largest US carriers, AT & T, Verizon and Sprint told reporters that their attack did not affect, and T-Mobile did not respond to a request for comment.
October 4, Bloomberg has released material on the introduction of spy chips in the server Super Micro, supplied to large American companies. The publication stated that the Chinese military had installed bugs in motherboards at the company’s factories for several years. A few hours after the release of the material, Super Micro shares fell by 60% to the 2007 level.
Bloomberg material has come under serious criticism from Apple, Amazon, Super Micro, and the Chinese government because journalists mainly cited anonymous sources and did not provide any evidence. As noted by the agency, it was Applebaum, among other things, that provided documents and “other evidence” in the case.
On October 9, one of Bloomberg’s few non-anonymous sources, Joe Fitzpatrick, said that his words had been distorted. He claims that he explained to journalists how it is theoretically possible to crank an attack with hardware implants. Fitzpatrick said he was surprised when he found the material, where his hypotheses were issued for the truth with the confirmation of anonymous sources.
On October 10, several US senators turned to Super Micro and large companies with questions about the situation with spy chips in their devices. At the time of this writing, only Apple responded – stating that it denied the presence of any spyware on their servers produced by Super Micro.