Is your motherboard hacked?

October 08, 2018 //By William Wong
Is your motherboard hacked?
A report in Bloomberg Businessweek, “The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies,” alleges Chinese-based corruption of the supply chain for some server motherboards destined for use in the United States (U.S.).

The details of the attack are still fuzzy, but essentially an additional chip or modified chip were added to Super Micro Computer (Supermicro) motherboards when they were built in China. The hack seems to be related to the baseboard management controller (BMC) that has complete control of the motherboard. The BMC is part of the remote management system.

The U.S. government has been investigating the issue and much of this remains classified. The investigation goes back to 2014. The impact is major potentially affecting companies like Amazon and Apple that use thousands of servers, many from Supermicro, to provide cloud services as well as supporting their own network services from websites for consumer sales to streaming media.

One reason for the attack on Supermicro is that it delivers a wide range of server products in addition to consumer and gaming motherboards and embedded systems, many of which have been covered by Electronic Design and other computer and electronic publications. Supermicro, founded in 1993, is one of the largest suppliers of server-related hardware in the world.

Evidently, Amazon found compromised server motherboards in 2015 when considering an acquisition of Elemental Technologies, a firm into video-streaming services that demands high-performance servers.

According to Bloomberg: “In emailed statements, Amazon, Apple, and Supermicro disputed summaries of Bloomberg Businessweek’s reporting. However, the account is based on more than a year of reporting and more than 100 interviews, including several current and former senior national security officials and insiders at Apple and Amazon. In all, 17 people confirmed the manipulation of Supermicro’s hardware and other elements of the attacks.”

Vous êtes certain ?

Si vous désactivez les cookies, vous ne pouvez plus naviguer sur le site.

Vous allez être rediriger vers Google.