If there is already a tense trade situation between the United States and China following sanctions by the Trump administration on Chinese imports into the country, now a new crisis has erupted with the news of hundreds of computers in the U.S. being compromised by Chinese hackers through spy chips supplied to large American companies.
The report first broke on Bloomberg following an investigation which was supposed to have run for three years, as claimed by the publication.
The U.S. Department of Homeland Security (DHS) immediately swung into action and ordered an investigation.
Meanwhile, two of the largest U.S.-based tech companies, Apple and Amazon, mentioned in the Bloomberg report have issued denials that any of their computer networks have been hacked.
The Genesis of the “Big Hack”
The report by Bloomberg runs into several pages and it has traced the entire sequence back to 2014 when the former Obama administration received a warning that Chinese spy chips were attempted to be inserted in motherboards sold by California-based supplier Supermicro.
Again, in 2016, a report emerged from Amazon that Supermicro’s name was also mentioned as having supplied motherboards with the spy chips.
The report then mentions that several government departments within the U.S. government including the Department of Defense, the Navy, Homeland Security and NASA could have purchased machines with these motherboards and therefore are vulnerable in that sense.
One particular observation was that the damage limited to servers and desktops were probably not affected.
But then the investigation put the number of servers with the suspected chips on their motherboards at around 30,000.
Though many experts have given their opinions that the kind of hacking that is being reported by the Bloomberg is very difficult to execute, it cannot be ruled out.
Corporate Denials Come into the Picture
Apple has meanwhile not only publicly denied that any of its servers were hacked, but has written to the U.S. Senate and House commerce committees confirming the same.
Amazon too issued a separate statement denying that any hacking took place on any of its servers or networks.
Incidentally, the Department of Homeland Security has issued a statement to the effect that it has no reason to doubt the claims of both Apple and Amazon that their servers have not been compromised.
Some of these statements by U.S. authorities have been mirrored by the National Cyber Security Centre in the U.K., also stating that the denials by Apple and Amazon are credible.
Supermicro also put out a statement disputing the reporting in the Bloomberg investigation.
No Big Damage Done?
The original report by Bloomberg has not been able to come to a conclusion with a high degree of certainty that there were hacking attacks and that some data has been stolen.
At this stage, it can only by presumed that there cannot be smoke without a fire, and possibly the spy chips report was indeed true.
Once it was reported in 2014 by the U.S. intelligence agencies, all stakeholders might have been alerted and the motherboards replaced.
Alternately, the Chinese masters who might have been behind this espionage plan could have developed cold feet and remained inert without taking any further action on the hacking model they had created.
The Bloomberg investigative report, the U.S. administration stepping in and the companies issuing out their denials might bury the immediate issue of the alleged China hack, but there are other ramifications as fallout of the episode.
One is that the stock prices of the main company involved, Supermicro, tumbled in the markets.
The other and more important outcome is the general suspicion on Chinese electronic products that run on chips, which will include practically everything.
Going ahead, there may be more stringent standards imposed for bringing in Chinese electronic components into the U.S.