Bloomberg reporters are persistent. Two and a half years ago, this media accused China of integrating cyber espionage chips the size of a small grain of rice in the motherboards of Supermicro, an American computer manufacturer. This investigation, largely based on anonymous testimony, has not been confirmed by any stakeholder, be it the manufacturer, customers or government agencies.
Bloomberg has now put the cover back and claims that China has indeed built backdoors into motherboards, not only of Supermicro servers, but also of Lenovo laptops. This time around, journalists are racking up testimonies from more than 50 people, from the private sector, government agencies, the US parliament, defense and law enforcement, most of them anonymously, but not all.
In 2008, the US military would have found itself with a “Large name of Lenovo portable PCs” whose cards incorporated a chip “Which records all the data that goes into the laptop and transfers it to China”. In 2010, the Pentagon would then have detected backdoors on thousands of Supermicro servers. They would have transferred to China technical data on the host machine and the network to which the machine was connected. They would thus have succeeded in mapping part of the unclassified network of the Department of Defense.
These backdoors are said to be the work of Chinese intelligence agencies, who have hidden them in the BIOS of Supermicro motherboards, with the help of one or more of the manufacturer’s employees. In 2014, FBI investigators would then have come across a second category of backdoors integrated on Supermicro’s motherboards, the famous chips Bloomberg had spoken of in 2018. The government would have kept all these discoveries a secret so as not to alert the China and be able to analyze in depth their espionage capacities.
Supermicro, for its part, rejects all these allegations en bloc.
“The Bloomberg article is a mishmash of disparate and inaccurate allegations dating back many years. It draws far-fetched conclusions that, again, do not stand up to scrutiny. In fact, the National Security Agency again told Bloomberg last month that it was maintaining its 2018 comments and the agency said of Bloomberg’s new claims that it “cannot confirm that this incident – or the subsequent response actions described – never happened. ” Despite Bloomberg’s allegations of alleged cybersecurity or national security investigations going back more than 10 years, Supermicro has never been contacted by the US government, or any of our partners or customers, regarding these alleged investigations ”, can we read in a press release.
On the government side, Bloomberg has not obtained confirmation either. The various administrations questioned either made no comment or replied in a very general manner.
Source: Sécurité – 01net by www.01net.com.
*The article has been translated based on the content of Sécurité – 01net by www.01net.com. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!