That Bloomberg Supply-Chain-Hack Story
Back in October, Bloomberg reported that China has managed to install backdoors into server equipment that ended up in networks belonging to — among others — Apple and Amazon. Pretty much everybody has denied it (including the US DHS and the UK NCSC). Bloomberg has stood by its story — and is still standing by it.
I don’t think it’s real. Yes, it’s plausible. But first of all, if someone actually surreptitiously put malicious chips onto motherboards en masse, we would have seen a photo of the alleged chip already. And second, there are easier, more effective, and less obvious ways of adding backdoors to networking equipment.
EDITED TO ADD (12/17): SuperMicro now denies it.
Ignatio Ramus • November 30, 2018 7:30 AM
Makes you wonder who the original 17 sources are (i.e. what nation they really work for)