posted by takyon on Thursday October 04 2018, @03:00PM
from the Cyberwarfare dept.

Chinese spy chips are found in hardware used by Apple, Amazon, Bloomberg says; Apple, AWS say no way

The chips, which Bloomberg said have been the subject of a top secret U.S. government investigation starting in 2015, were used for gathering intellectual property and trade secrets from American companies and may have been introduced by a Chinese server company called Super Micro that assembled machines used in the centers.

[...] China has long been suspected — but rarely directly implicated — in en masse spy campaigns based on hardware made there. The majority of electronic components used in U.S. technology are manufactured in China. Companies including component manufacturers Huawei and ZTE, as well as surveillance camera maker Hikvision, have all fallen under intense suspicion and scrutiny from the U.S. government in the past year.

I'd think that the big guys would be designing their own boards. Maybe we should only buy PCBs from South Korea.

Also at Bloomberg and The Guardian.


  • (Score: 4, Informative) by Spamalope (5233) on Thursday October 04 2018, @03:41PM (#744146)

    It's a tiny hardware hack. It wasn't phoning home to anyone. It would have done something to enable the sort of attack used with a buffer overflow, without needing the overflow to write into program storage so you could bypass password protection or the like. i.e. make the server vulnerable to an injection attack at the hardware level.

    Any other malware activity would be on the part of a payload dropped afterwards. If they're good, that'll only be exfiltrating small amounts of data, and only with legit data. (or I guess - one time things - misconfigure the VM backup replication target to point to the attacker's server for one replication cycle - then restore the original settings if not caught)

    But done well, it could look like software zero day exploits being used to the victims. (if you're using Adobe products, are you shocked if there appears to be another vulnerability? again?)
