Chinese Spying Chips Found Hidden on US companies’ servers. Business and markets news company Bloomberg reported today that a very small surveillance chip, similar in size to a grain of rice, has been found hidden in servers used by US companies. These servers are being used by nearly 30 American companies, including big names such as Apple and Amazon.
The servers are designed in the US by an American company called Super Micro, and do not include the chip in their designs. It is thought the chip must have been added in China, during the manufacturing process for the servers. The chip is an example of a “hardware hack” where hardware is modified to perform functions that wasn’t originally intended in the design. It is suspected the purpose of the chip is to spy on American companies and their users.
The lengthy publication by Bloomberg reports that Apple and Amazon were among those companies affected, but both companies refute the claim. An Apple spokesperson told Bloomberg that they had no history of finding malicious chips or hardware manipulations in any of its servers. Apple no longer used Super Micro servers after ending their contract with them in 2016.
Amazon also disputes the claims about their servers containing malicious chips and says they have not worked with the FBI to investigate malicious hardware within the company. Super Micro join Apple and Amazon in denying the claims about its servers.
In response to the allegations, China’s Ministry of Foreign Affairs released a statement saying “China is a resolute defender of cybersecurity. It advocates for the international community to work together on tackling cybersecurity threats through dialogue on the basis of mutual respect, equality and mutual benefit. Supply chain safety in cyberspace is an issue of common concern, and China is also a victim. China, Russia, and other member states of the Shanghai Cooperation Organization proposed an “International code of conduct for information security” to the United Nations as early as 2011. It included a pledge to ensure the supply chain security of information and communications technology products and services, in order to prevent other states from using their advantages in resources and technologies to undermine the interest of other countries. We hope parties make less gratuitous accusations and suspicions but conduct more constructive talk and collaboration so that we can work together in building a peaceful, safe, open, cooperative and orderly cyberspace.