Results 1 to 10 of 10

Thread: Major Chinese hacking scheme.

  1. #1
    Troll Magnet Sparko's Avatar
    Join Date
    Jan 2014
    Faith
    Christian
    Gender
    Male
    Posts
    41,460
    Amen (Given)
    3891
    Amen (Received)
    19054

    Major Chinese hacking scheme.

    The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
    The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain, according to extensive interviews with government and corporate sources.

    In 2015, Amazon.com Inc. began quietly evaluating a startup called Elemental Technologies, a potential acquisition to help with a major expansion of its streaming video service, known today as Amazon Prime Video. Based in Portland, Ore.,
    ...
    To help with due diligence, AWS, which was overseeing the prospective acquisition, hired a third-party company to scrutinize Elemental’s security, according to one person familiar with the process. The first pass uncovered troubling issues, prompting AWS to take a closer look at Elemental’s main product: the expensive servers that customers installed in their networks to handle the video compression.
    ...
    Nested on the servers’ motherboards, the testers found a tiny microchip, not much bigger than a grain of rice, that wasn’t part of the boards’ original design. Amazon reported the discovery to U.S. authorities, sending a shudder through the intelligence community. Elemental’s servers could be found in Department of Defense data centers, the CIA’s drone operations, and the onboard networks of Navy warships. And Elemental was just one of hundreds of Supermicro customers.

    During the ensuing top-secret probe, which remains open more than three years later, investigators determined that the chips allowed the attackers to create a stealth doorway into any network that included the altered machines. Multiple people familiar with the matter say investigators found that the chips had been inserted at factories run by manufacturing subcontractors in China.

    ...
    The chips had been inserted during the manufacturing process, two officials say, by operatives from a unit of the People’s Liberation Army. In Supermicro, China’s spies appear to have found a perfect conduit for what U.S. officials now describe as the most significant supply chain attack known to have been carried out against American companies.

    One official says investigators found that it eventually affected almost 30 companies, including a major bank, government contractors, and the world’s most valuable company, Apple Inc. Apple was an important Supermicro customer and had planned to order more than 30,000 of its servers in two years for a new global network of data centers.

    more here:

    https://www.bloomberg.com/businessweek

    A long and interesting read.

  2. #2
    Oops....... mossrose's Avatar
    Join Date
    Jan 2014
    Faith
    slave & child of Christ
    Gender
    Female
    Posts
    17,880
    Amen (Given)
    13290
    Amen (Received)
    7830
    It's Trump's fault.

    I win!!!!!!


    Securely anchored to the Rock amid every storm of trial, testing or tribulation.

  3. #3
    Troll Magnet Sparko's Avatar
    Join Date
    Jan 2014
    Faith
    Christian
    Gender
    Male
    Posts
    41,460
    Amen (Given)
    3891
    Amen (Received)
    19054
    Quote Originally Posted by mossrose View Post
    It's Trump's fault.

    I win!!!!!!
    You are a Chinese spy!

  4. #4
    Oops....... mossrose's Avatar
    Join Date
    Jan 2014
    Faith
    slave & child of Christ
    Gender
    Female
    Posts
    17,880
    Amen (Given)
    13290
    Amen (Received)
    7830
    Quote Originally Posted by Sparko View Post
    You are a Chinese spy!


    Securely anchored to the Rock amid every storm of trial, testing or tribulation.

  5. #5
    Professor The Melody Maker's Avatar
    Join Date
    Jun 2014
    Faith
    Slave for Christ
    Gender
    Male
    Posts
    1,846
    Amen (Given)
    2705
    Amen (Received)
    1090
    You don't want to know what I initially thought the thread's title said at first glance.
    ~ Russell ("MelMak")

    "[Sing] and [make] melody in your heart to the Lord." -- Ephesians 5:19b

    Fight_spam!

  6. #6
    Oops....... mossrose's Avatar
    Join Date
    Jan 2014
    Faith
    slave & child of Christ
    Gender
    Female
    Posts
    17,880
    Amen (Given)
    13290
    Amen (Received)
    7830
    I want to know.


    Securely anchored to the Rock amid every storm of trial, testing or tribulation.

  7. #7
    Troll Magnet Sparko's Avatar
    Join Date
    Jan 2014
    Faith
    Christian
    Gender
    Male
    Posts
    41,460
    Amen (Given)
    3891
    Amen (Received)
    19054
    Apple is claiming it never happened.

    Apple told Congress it found no evidence of server tampering
    "Nothing was ever found," during scans of outbound traffic, it said

    In a letter to Congress, Apple reiterated that it found no evidence of microchip-based server tampering by Chinese agents that was reported by Bloomberg Businessweek. The company, along with Amazon and server manufacturer Super Micro, had previously released forceful denials of suspicions that its servers contained malicious components. The US Department of Homeland Security (DHS) and UK cybersecurity officials had also chimed in, saying they have no reason to doubt Amazon and Apple's denials.

    Apple VP for IT security Goerge Stathakopoulos sent letters to both the US House and Senate Commerce Committees, according to a Reuters report. "Apple's proprietary security tools are continuously scanning for precisely this kind of outbound traffic, as it indicates the existence of malware or other malicious activity," it stated. "Nothing was ever found."

    The letter also repeated press statements from Apple that it never discovered any backdoor components that could compromise user security. Apple originally said that it "conducted rigorous internal investigations based on [Bloomberg's] inquiries and each time we have found absolutely no evidence to support any of them." The company also noted that the story was based on 17 anonymous sources, with some allegations based on even fewer unnamed sources.

    https://www.engadget.com/2018/10/08/...cro-tampering/

  8. #8
    Professor and Chaplain Littlejoe's Avatar
    Join Date
    Feb 2014
    Location
    North Texas
    Faith
    Christian
    Gender
    Male
    Posts
    3,868
    Amen (Given)
    1508
    Amen (Received)
    1617
    Scary as a LOT of server and pc system boards are manufactured in China. It could happen to more than one company IMO...
    "What has the Church gained if it is popular, but there is no conviction, no repentance, no power?" - A.W. Tozer

    "... there are two parties in Washington, the stupid party and the evil party, who occasionally get together and do something both stupid and evil, and this is called bipartisanship." - Everett Dirksen

  9. #9
    Must...have...caffeine One Bad Pig's Avatar
    Join Date
    Jan 2014
    Location
    Inside the beltway
    Faith
    Christian
    Gender
    Male
    Posts
    17,770
    Amen (Given)
    5298
    Amen (Received)
    10071
    Quote Originally Posted by Sparko View Post
    Apple is claiming it never happened.

    Apple told Congress it found no evidence of server tampering
    "Nothing was ever found," during scans of outbound traffic, it said

    In a letter to Congress, Apple reiterated that it found no evidence of microchip-based server tampering by Chinese agents that was reported by Bloomberg Businessweek. The company, along with Amazon and server manufacturer Super Micro, had previously released forceful denials of suspicions that its servers contained malicious components. The US Department of Homeland Security (DHS) and UK cybersecurity officials had also chimed in, saying they have no reason to doubt Amazon and Apple's denials.

    Apple VP for IT security Goerge Stathakopoulos sent letters to both the US House and Senate Commerce Committees, according to a Reuters report. "Apple's proprietary security tools are continuously scanning for precisely this kind of outbound traffic, as it indicates the existence of malware or other malicious activity," it stated. "Nothing was ever found."

    The letter also repeated press statements from Apple that it never discovered any backdoor components that could compromise user security. Apple originally said that it "conducted rigorous internal investigations based on [Bloomberg's] inquiries and each time we have found absolutely no evidence to support any of them." The company also noted that the story was based on 17 anonymous sources, with some allegations based on even fewer unnamed sources.

    https://www.engadget.com/2018/10/08/...cro-tampering/
    Amazaon is also denying the story (as is Super Micro), and DHS sees no reason to doubt the companies' statements.
    Enter the Church and wash away your sins. For here there is a hospital and not a court of law. Do not be ashamed to enter the Church; be ashamed when you sin, but not when you repent. – St. John Chrysostom

    Veritas vos Liberabit<>< Learn Greek <>< Look here for an Orthodox Church in America<><Ancient Faith Radio

    I recommend you do not try too hard and ...research as little as possible. Such weighty things give me a headache. - Shunyadragon, Baha'i apologist

  10. #10
    Troll Magnet Sparko's Avatar
    Join Date
    Jan 2014
    Faith
    Christian
    Gender
    Male
    Posts
    41,460
    Amen (Given)
    3891
    Amen (Received)
    19054
    Quote Originally Posted by One Bad Pig View Post
    Amazaon is also denying the story (as is Super Micro), and DHS sees no reason to doubt the companies' statements.
    So either they are covering it up for security or other reasons, or the story is fake. The detail in the OP story was pretty extensive for it to be fake.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •