2muchcoffeeman
Well-Known Member
Might be the biggest cybersecurity story ever.
Imagine if you will, a company that is to server hardware what Microsoft is to operating systems. Now, imagine what kind of security issue could ensue if a country’s intelligence operations managed to somehow get a specific piece of hardware — tiny, about the size of a grain of rice — installed on many of that server manufacturer’s motherboards that allowed it to open a stealth gateway on any network that an infected server had access to.
According to Bloomberg, that scenario played out until at least 2015, until Amazon found the processors while doing due diligence on a video server company that it ended up buying. That company, like many others, was purchasing its hardware from a U.S./Chinese company called Supermicro, which is that ubiquitous server manufacturer I mentioned before.
One U.S. official told Bloomberg that the infected hardware had been purchased and installed at over 30 U.S. companies, including a major bank, government contractors, and Apple.
Apple had been planning to use those servers for Siri upgrades, and had been planning to purchase over 30,000 servers from Supermicro for that purpose. Bloomberg reports that Apple did find that infected hardware on its servers in 2015 and replaced them, eventually severing business ties with Supermicro in 2016 I’m not going to speculate on whether finding, removing and replacing that hardware precluded upgrades to Siri’s AI capabilities. But, ya know.
This is the nightmare scenario that U.S. officials have raised about Chinese mobile phone manufacturer Huawei. Bloomberg paraphrases government officials calling this “the most significant supply chain attack known to have been carried out against American companies.”
Supermicro’s website is currently slashdotted. OBV: Its stock price went into the ****ter this morning.
Bloomberg - Are you a robot?
Imagine if you will, a company that is to server hardware what Microsoft is to operating systems. Now, imagine what kind of security issue could ensue if a country’s intelligence operations managed to somehow get a specific piece of hardware — tiny, about the size of a grain of rice — installed on many of that server manufacturer’s motherboards that allowed it to open a stealth gateway on any network that an infected server had access to.
According to Bloomberg, that scenario played out until at least 2015, until Amazon found the processors while doing due diligence on a video server company that it ended up buying. That company, like many others, was purchasing its hardware from a U.S./Chinese company called Supermicro, which is that ubiquitous server manufacturer I mentioned before.
One U.S. official told Bloomberg that the infected hardware had been purchased and installed at over 30 U.S. companies, including a major bank, government contractors, and Apple.
Apple had been planning to use those servers for Siri upgrades, and had been planning to purchase over 30,000 servers from Supermicro for that purpose. Bloomberg reports that Apple did find that infected hardware on its servers in 2015 and replaced them, eventually severing business ties with Supermicro in 2016 I’m not going to speculate on whether finding, removing and replacing that hardware precluded upgrades to Siri’s AI capabilities. But, ya know.
This is the nightmare scenario that U.S. officials have raised about Chinese mobile phone manufacturer Huawei. Bloomberg paraphrases government officials calling this “the most significant supply chain attack known to have been carried out against American companies.”
Supermicro’s website is currently slashdotted. OBV: Its stock price went into the ****ter this morning.
Bloomberg - Are you a robot?