A large US telecommunications company discovered new hardware manipulated by Super Micro Computer Inc. in its network and removed it in August.
Security expert Yossi Appleboum provided documents, analysis and other evidence following the publication of a Bloomberg Businessweek investigative report detailing how Chinese intelligence services have forced subcontractors to plant chips in Supermicro server motherboards for a period of at least two years, until the end of 2015.
Appleboum, who had previously worked in the Israeli Army Intelligence Corps technology unit, and now works at Sepio Systems in Gaithersburg, was hired to monitor several large data centers that belonged to the company.
Appleboum noticed some unusual communications from a supermicro server. After an inspection, it was found in the Ethernet connector, a foreign component.
Appleboum claimed to have already seen similar manipulations between other Chinese suppliers, not just Supermicro.
“Supermicro is a victim, just like everyone else, there is a problem with the Chinese supply chain”.
Supermicro, an American-Taiwanese company based in San Jose, California, has released a statement where it has essentially declared itself unaware of the matter.
The Chinese embassy in Washington, contacted by Bloomberg Businessweek, has not issued statements. Chinese foreign minister has not responded directly to the questions addressed, stating that these are things of common concern and that China is also a victim .
According to Bloomberg, Supermicro shares plunged 41 percent last Thursday following the revelations about the hacked servers. They fell as much as 27 percent on Tuesday after the latest story.
The new manipulations found in Chinese hardware are different from those described last week, but they share some key features. Both are designed to allow access to the network from outside, and motherboards are produced by Chinese subcontractors.
According to Appleboum, the changes must necessarily have occurred at the time of their manufacture in China. According to the first information, they would have been assembled in a factory near Guangzhou, Guangdong.
In response to the Bloomberg story, the Norwegian national security authorities have indicated that they were aware of the manipulations on Supermicro products since June.
The manipulations at the hardware level are very difficult to detect. The United States used this kind of manipulation, according to Edward Snowden, but apparently even China has been using these means aggressively for some years now.