This week, Bloomberg released a huge scoop alleging that Chinese nation-state hackers associated with the PLA infiltrated Supermicro’s supply chain to inject a tiny backdoor chip in the server motherboards that shipped to big American companies like Amazon and Apple. If these allegations are true, they could have significant impact on whether or not the world will continue to trust 90% of PC manufacturing to foreign countries. On the other hand, these allegations are based on the reports of 17 unnamed sources, and there is little evidence to back them up. So far, Apple, Amazon, and the U.S. government have denied the allegations. Watch the video below to learn more about the potentially huge hack, and what I think about it.
Episode Runtime: 6:51
Direct YouTube Link: https://www.youtube.com/watch?v=sedFKY4YhOE
EPISODE REFERENCES:
- Bloomberg’s original article on the Supermicro supply-chain hack – Bloomberg
- Has the worst hack in sci-fi come true? – Motherboard
- There is no good fix for a hardware supply-chain attack – Wired
- Apple, Amazon and China’s reaction to the article – Bloomberg
- Homeland Security denies the Bloomberg allegations – Techcrunch
- Reporting on nation-state spying is hard to get right – Techcrunch
—Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply