A report published by Bloomberg today (paywall) details a targeted attack on American technology companies, whereby the Chinese military pressured manufacturers to install malicious chips into hardware destined for data centers run by Amazon and Apple. Over two dozen other US tech companies also unwittingly received such chips, according to the article.
Apple, Amazon, and Super Micro Computer—a motherboard manufacturer allegedly pressured to install the spy devices—all vehemently deny the allegations (paywall), but Bloomberg claims the story is true, based on the testimony of nearly 20 anonymous sources inside Apple, Amazon, and US intelligence agencies.
According to the report, both Apple and Amazon independently found the embedded devices in 2015. Apple had 7,000 servers with the malicious hardware, while in Amazon’s case only servers in China had it. Both companies eventually purged their businesses of the infected hardware, according to Bloomberg, which quoted an Apple employee saying its 2015 was internally called “going to zero.” Amazon sold off its Chinese data-center infrastructure in 2017. Bloomberg quoted an anonymous source inside Amazon saying that the decision was to “hack off the diseased limb.” Both Apple and Amazon refute those accounts.
US intelligence officials told Bloomberg that after monitoring the servers known to contain the malicious chips, which were disguised to look like a typical chip component and were about the size of a sharpened pencil tip, their installation was traced back to China’s military, the People’s Liberation Army. Military operatives would reportedly bribe or pressure Super Micro partners to change designs to incorporate the chips, so that hardware would be compromised before customers received it.
The investigation by US intelligence agencies remains open, according to the report, and security experts are saying that if the allegations are true it’s likely that other hardware manufacturers are compromised.