Bloomberg reports that the Apple & Amazon server has set up a chip to steal data to the Chinese People's Liberation Army's active force, Apple · Amazon completely negated

"Bloomberg reported that" Apple and Amazon have set up chips to steal data on their motherboard of their servers. " It is a big uproar that it is the agent of the People's Liberation Army of China who charged chips.

The Big Hack: How China Used a Tiny Chip to Infiltrate US Companies - Bloomberg
https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

The Big Hack: Amazon, Apple, Supermicro, and Beijing Respond - Bloomberg
https://www.bloomberg.com/news/articles/2018-10-04/the-big-hack-amazon-apple-supermicro-and-beijing-respond

Apple and Amazon embed chips that steal data illegally is a mother mode for Supermicro servers. Supermicro is an American company, but the motherboard itself was manufactured in China, Bloomberg reports that the chip was added in the manufacturing process.

According to information obtained from sources trusted by Bloomberg, the incident that culminated in the incident is a survey within Amazon. Back in 2015, Amazon conducted a security survey in the due diligence of Elemental Technologies, which had been considering acquiring to expand streaming services such as Prime video. As a result, he found a strange chip in Elemental's video compression server.

The rice grain size chip incorporated in this Supermicro mother board is a part not originally designed, and Amazon reported to FBI. Since Elemental had delivered servers to the Department of Defense data center, the CIA's drone system, and the Navy's ship's network, this case became the highest secret investigation of the United States and the investigation is ongoing even after three years have passed Bloomberg says.

According to several people familiar with the circumstances, the chip embedded in the Supermicro motherboard can access both the network and the system memory. An attacker seems to be able to access data in the server by connecting to a specific remote system in order to receive an external command, by changing the running OS and bypassing password verification etc.

Problem Supermicro motherboard

Removing parts such as chips and condensers ... ...

It became only board. It seems that the chip was embedded in the part surrounded by the white circle.

One problem is how this chip was incorporated into the Supermicro motherboard, but according to several affiliates familiar with the circumstances, it is said that the chip embedding was done in a subcontract factory in China who was responsible for motherboard manufacturing . According to two investigative officials, the chip was suspected to be embedded by the Chinese People's Liberation Army agents during the manufacturing process, beyond the purpose of stealing data from mere companies, was launched by the Chinese authorities to an American company , The suspicion of the biggest supply chain attack has come out so far.

Bloomberg says that about 30 US companies were attacked, among which Amazon, which triggered the incident, and Apple, which uses a lot of Supermicro servers in large numbers, are cited as doctors. By the way, Apple reported that at least as a result of a security problem on one server in the data center, Apple canceled the equipment delivery contract with Supermicro in early 2016.

The named Apple has been replying frankly. "The published Bloomberg's article says" Apple reports incidents to FBI and keeps track of the detailed circumstances ", but to Bloomberg in November 2017" Apple is listening to this investigation I have never done it before. "The fact that I reported to the FBI has never been told about this type of incident, as I've told Bloomberg, this is absolutely not a fact.Apple I have never discovered a malicious chip. "

Also, AWS (Amazon) also issued a press release, clearly denying the press.

Setting the Record Straight on Bloomberg BusinessWeek's Erroneous Article | AWS Security Blog
https://aws.amazon.com/jp/blogs/security/setting-the-record-straight-on-bloomberg-businessweeks-erroneous-article/

Supermicro also said that although there is no hindrance to research cooperation with FBI, "We are not completely aware of any investigation on this matter, and we have not heard from the investigation agency," completely denied suspicion.

The Chinese Foreign Ministry also said, "China is advocating cyber security, advocating cooperation of the international community to confront cyber security threats through dialogue based on mutual respect, equality, mutual benefit principle" , Clearly denying the involvement of Chinese authorities.