A recent Bloomberg investigative report further reveals Beijing‘s long-standing espionage campaign against the United States using the technology supply chain. Pictured is a diagram of semiconductors.
It is no secret that the Chinese Communist Party uses various means to infiltrate all aspects of the United States and other Western countries. A recent Bloomberg investigative report further reveals that Beijing has used the technology supply chain to conduct a long-standing espionage campaign against the United States.
On February 12, 2021, Bloomberg News published an article by journalists Jordan Robertson and Michael Riley that revealed that the U.S. government has been using the technology supply chain to spy on the U.S. For years, U.S. investigators have found malicious code hidden on the bootloader chips of American Super Micro products, leading to the theft of U.S. data and its transmission to China. The article was co-authored by reporters Jordan Robertson and Michael Riley on a topic that does not appear to be very relevant to financial information: hacking, the Chinese Communist Party, and US Supermicro.
Bloomberg reports that U.S. investigators found that products made by Super Micro Computer Inc.
In 2010, the U.S. Department of Defense discovered that thousands of computer servers were sending military network data to China, attributed to code hidden in chips that handle the computer’s boot process; in 2014, Intel Corp. discovered that an elite Chinese Communist hacking group had compromised the company’s network through malware downloaded from a vendor’s update site through a server; and in 2015, the FBI warned several companies that Chinese Communist operators had hidden an additional chip with backdoor code in a manufacturer’s server.
The Bloomberg article noted that all of these attacks pointed to the CCP and US Supermicro; and on the U.S. side, intelligence experts have kept their investigations widely classified in order to further understand and counter the CCP’s manipulative capabilities.
Former Navy SEAL: It’s True
The latest Bloomberg report notes that the report on US Supermicro interviewed more than 50 people from law enforcement, the military, Congress, intelligence agencies and the private sector, most of whom asked to remain anonymous in order to share sensitive information. But company documents reviewed by Bloomberg confirmed some details.
Bloomberg Businessweek first reported in October 2018 on the addition of malicious chips to U.S. supermicro products by the Chinese Communist Party. That report said Apple Inc. and Amazon.com Inc. had found the chip on devices they had purchased. But US Supermicro, Apple and Amazon publicly called for the article to be retracted, and U.S. government officials disputed the article.
But Bloomberg’s latest report notes that it’s now clear that the BusinessWeek report covers only part of a larger series of events. Throughout the process, U.S. government officials did not make their findings available to the public, and “U.S. Supermicro” itself was not informed of the FBI’s counterintelligence investigation.
Secrets were revealed from Time to time as the intelligence agency and other government agencies selected companies for warnings and sought the help of outside experts, the report said.
Former Navy SEAL Mike Janke, co-founder of the Data Tribe, a venture capital firm, consulted with two security firms involved in the government’s investigation.
He told Bloomberg that the FBI’s counterintelligence division briefed the two security firms, which were investigating the malicious chip found on a Micromax motherboard, and that the firms then used advanced hardware on the actual tampered Micromax motherboard to The companies then used advanced hardware forensics on the actual tampered Metsumicro motherboard to verify the presence of the added malicious chip.
Yonker said the companies were not allowed to speak publicly about the work, but he agreed to discuss their findings in general to raise awareness of the threat of Chinese Communist espionage in the technology supply chain.
“It’s real, and the government knows it,” Yonker said.
Pentagon finds vulnerabilities
Bloomberg reported that the Pentagon security team discovered unusual behavior in the unclassified network of “US Supermicro” servers around early 2010. Six former classified personnel described the classified incident, in which the machines were allegedly equipped with unauthorized instructions that instructed each machine to secretly copy data about itself and its network and send that information to China. The Pentagon found such implants in thousands of servers, one official said.
Military experts who investigated the Pentagon breach determined that the malicious instructions directing the Pentagon servers were hidden in the computer’s BIOS (basic input-output system), the part of the computer that tells it what to do when it boots up.
Overall, the findings indicate that Chinese Communist intelligence agencies infiltrated the U.S. Supermicro BIOS engineering, the six officials said.
US Supermicro Response
Bloomberg quoted former U.S. officials as saying that neither US Supermicro nor any of its employees have been charged with illegal conduct and that the company is not the target of a counterintelligence investigation.
In response to Bloomberg’s latest report, Super Micro issued a statement on Feb. 12 saying the company has never been contacted by the U.S. government, or any other partner or customer, about the reported investigation, calling the report “a hodgepodge of disparate and inaccurate allegations from many years ago, with conclusions that are far-fetched and do not stand up to scrutiny.
Former Senior FBI Official: Choosing to Make in China Puts You at Risk
Jay Tabb, a former senior FBI official, said the Metso Micro story shows the widespread risks that exist in the global supply chain.
Tabb said, “The US Supermicro (incident) is a good illustration of the potential for malicious tampering with any product that a U.S. company chooses to manufacture in China. If you don’t have full oversight of where the device is manufactured, this example shows the worst kind of scenario.”
Tabb serves as executive assistant director of the FBI’s national security division from 2018 until his retirement in January 2020. He declined to give details of the FBI’s investigation.
But he told Bloomberg that “the Chinese Communist government has been doing this for a long time, and companies need to realize that the Communist Party is doing it. Silicon Valley, in particular, has to stop pretending this isn’t happening.”
Frank Figliuzzi, a former FBI assistant director of counterintelligence who stepped down in 2012, told Bloomberg, “The tragic story of US Supermicro is a chilling wake-up call for the industry.”
He said, “If you think this story involves just one company, you’re wrong. This is a ‘don’t let this happen to you’ moment for any company in the tech industry supply chain.”
James Lewis, director of the strategic technology program at the Center for Strategic and International Studies (CSIS), a Washington think tank, told Voice of America, “China [the Communist Party of China] is the most aggressive adversary of espionage the United States faces, and China [the Communist Party of China] has been spying on U.S. companies for years. China’s government Hackers are getting more sophisticated every year. It’s like a Chinese version of Sunwind (note: SolarWinds, Inc.) – a massive supply chain hacking operation that exposes thousands of targets.”
Chinese Communist spy chip implants had sparked concern among U.S. lawmakers of both parties in 2018
In October 2018, Bloomberg Businessweek sparked concern among U.S. lawmakers of both parties after it published an explosive investigative report detailing that the Chinese Communist Party’s intelligence service ordered subcontractors to implant malicious chips in the motherboards of U.S. SuperMicro computer servers.
At the time, Republican Senator Marco Rubio and Democratic Senator Richard Blumenthal sent a letter to Super Micro CEO Charles Liang on Oct. 9, 2020, requesting more information.
The senators added, “As members of Congress, we are alarmed by any potential threats to national security and have a responsibility to ensure the security of our nation’s sensitive networks. We are writing to request that US Supermicro Computer, provide information about what these reports say are attempts by (the Chinese Communist Party) to sabotage its computer products and spy on the United States.”
In an emailed statement, Amazon, Apple and US Supermicro Computer strongly denied the Bloomberg Businessweek report. Rubio and Blumenthal said in the letter that they were aware of the companies’ denials. But they said that based on the nature of the issues raised in the report, a full resolution is needed.
The letter from Rubio and others cited a Bloomberg report that said the Chinese Communist military was involved in a sophisticated operation to insert malicious surveillance and data processing components into server motherboards. According to the report, Chinese communist intelligence agents tricked, bribed and coerced third-party manufacturers and subcontractors of U.S. Supercomputers into changing the motherboard design. These added components, while seemingly innocuous and common chips to observers, are sophisticated backdoors that can quietly provide the Chinese Communist government with leaked classified data and the ability to bypass security controls on the nation’s most sensitive systems.
Recent Comments