Chinese Secret Microchip Server Hack

Image: Bloomberg Businessweek, Scott Gelber

Bloomberg Businessweek released a mind-blowing exposé on a massive Chinese government hardware hack that appears to have affected huge organisations like Amazon AWS, Apple and the U.S. government. Their longread article is well worth the time, but in summary, a tiny secret microchip disguised as a signal conditioning coupler was discovered embedded on server motherboards supplied by Supermicro, one of the world's largest motherboard suppliers. The intruder device was smaller than the top of a sharpened pencil and designed to interrupt and alter operating system functions, giving it control over the server. It was equipped with networking capability, allowing it to remotely load code from anonymous servers to execute on infected hardware.

A video compression and processing company called Elemental used Supermicro motherboards to build custom video servers for clients such as the CIA and the U.S. Navy, who used the servers to process drone and aerial mission video and secure video communications. In 2015, Amazon began due diligence to acquire Elemental, and part of that process was a third-party security review of Elemental's products. On inspection of the servers, the tiny intruder chip was found. Numerous corporate, FBI and intelligence investigations have tracked the origin of the chip down to sub-contracted suppliers of Supermicro's in China. An internal investigation by Amazon of its China-based servers also discovered upgraded versions of the chip which were small enough to embed between the fiberglass sheets of the motherboard instead of on the board itself! The level of hardware sophistication and of strategic and logistical planning involved to successfully hack most high-end servers around the world (7,000 Apple servers were found to be compromised in 2015) is unbelievably impressive and equally frightening.
