The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
RogueAltGov Retweeted:The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising Americas technology supply chain, according to extensive interviews with government and corporate sources.
By Jordan Robertson and Michael Riley
In 2015, Amazon.com Inc. began quietly evaluating a startup called Elemental Technologies, a potential acquisition to help with a major expansion of its streaming video service, known today as Amazon Prime Video. Based in Portland, Ore., Elemental made software for compressing massive video files and formatting them for different devices. Its technology had helped stream the Olympic Games online, communicate with the International Space Station, and funnel drone footage to the Central Intelligence Agency. Elementals national security contracts werent the main reason for the proposed acquisition, but they fit nicely with Amazons government businesses, such as the highly secure cloud that Amazon Web Services (AWS) was building for the CIA.
To help with due diligence, AWS, which was overseeing the prospective acquisition, hired a third-party company to scrutinize Elementals security, according to one person familiar with the process. The first pass uncovered troubling issues, prompting AWS to take a closer look at Elementals main product: the expensive servers that customers installed in their networks to handle the video compression. These servers were assembled for Elemental by Super Micro Computer Inc., a San Jose-based company (commonly known as Supermicro) thats also one of the worlds biggest suppliers of server motherboards, the fiberglass-mounted clusters of chips and capacitors that act as the neurons of data centers large and small. In late spring of 2015, Elementals staff boxed up several servers and sent them to Ontario, Canada, for the third-party security company to test, the person says.
Nested on the servers motherboards, the testers found a tiny microchip, not much bigger than a grain of rice, that wasnt part of the boards original design. Amazon reported the discovery to U.S. authorities, sending a shudder through the intelligence community. Elementals servers could be found in Department of Defense data centers, the CIAs drone operations, and the onboard networks of Navy warships. And Elemental was just one of hundreds of Supermicro customers.
During the ensuing top-secret probe, which remains open more than three years later, investigators determined that the chips allowed the attackers to create a stealth doorway into any network that included the altered machines. Multiple people familiar with the matter say investigators found that the chips had been inserted at factories run by manufacturing subcontractors in China. ... This attack was something graver than the software-based incidents the world has grown accustomed to seeing. Hardware hacks are more difficult to pull off and potentially more devastating, promising the kind of long-term, stealth access that spy agencies are willing to invest millions of dollars and many years to get.
....
unc70
(6,110 posts)I strongly urge everyone read the full article. It describes the kinds of cyber security attacks that I have been warning DUers about for years.
Once you have read the article, consider the vulnerability of voting machines and election technology.
mahatmakanejeeves
(57,367 posts)zipplewrath
(16,646 posts)It should have been a working assumption for a couple of decades. This would be especially true of any security and/or financial firm. But I guess that the same people are in charge that also decided the office of Personnel Managment didn't need to encrypt their information.
still_one
(92,110 posts)isn't valid, but the timing is very suspicious to me right before the midterms.
There is also an effort currently underway for trump and his administration to accuse China of interferring in our midterm elections. I find that curious since no one hardly mentions Russia anymore
pretzel4gore
(8,146 posts)the west military budget is more then a $trillion/year and our secret police budget is unlimited/unknown! We can't do much about China (or Iran or norway or even Saudi Arabia) but we can force the nazipoohs who are destroying democratic governance, to hide behind fake news etc. to expose their imperial nakkidness etc.
the news media is aiding/abetting a outright reactionarky bullyboy (kavanaugh) to sit on the top law court in the land, yet lining up the ducks to STOP IT is too much notes, but this China schemeing is...like the poisoning of russians in Britain, chap[ter and verse explained!
All the dots neatly connected. Wow! why not use this amazing skill to stop the fascists from wrecking the future?
btw, if laws are broken CALL THE COPS!
Nitram
(22,776 posts)this hardware was in use. Good thing we discovered this. Reminds me of the old Xerox scam the CIA pulled in Moscow.
https://electricalstrategies.com/about/in-the-news/spies-in-the-xerox-machine/
Zorro
(15,730 posts)Remember the IBM Selectric typewriters from days gone by?
http://www.cryptomuseum.com/covert/bugs/selectric/