https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies
By Jordan Robertson and Michael Riley
Bloomberg Businessweek
October 4, 2018

In 2015, Amazon.com Inc. began quietly evaluating a startup called
Elemental Technologies, a potential acquisition to help with a major
expansion of its streaming video service, known today as Amazon Prime
Video. Based in Portland, Ore., Elemental made software for compressing
massive video files and formatting them for different devices. Its
technology had helped stream the Olympic Games online, communicate with
the International Space Station, and funnel drone footage to the Central
Intelligence Agency. Elemental’s national security contracts weren’t the
main reason for the proposed acquisition, but they fit nicely with
Amazon’s government businesses, such as the highly secure cloud that
Amazon Web Services (AWS) was building for the CIA.

To help with due diligence, AWS, which was overseeing the prospective
acquisition, hired a third-party company to scrutinize Elemental’s
security, according to one person familiar with the process. The first
pass uncovered troubling issues, prompting AWS to take a closer look at
Elemental’s main product: the expensive servers that customers installed
in their networks to handle the video compression. These servers were
assembled for Elemental by Super Micro Computer Inc., a San Jose-based
company (commonly known as Supermicro) that’s also one of the world’s
biggest suppliers of server motherboards, the fiberglass-mounted clusters
of chips and capacitors that act as the neurons of data centers large and
small. In late spring of 2015, Elemental’s staff boxed up several servers
and sent them to Ontario, Canada, for the third-party security company to
test, the person says.

Nested on the servers’ motherboards, the testers found a tiny microchip,
not much bigger than a grain of rice, that wasn’t part of the boards’
original design. Amazon reported the discovery to U.S. authorities,
sending a shudder through the intelligence community. Elemental’s servers
could be found in Department of Defense data centers, the CIA’s drone
operations, and the onboard networks of Navy warships. And Elemental was
just one of hundreds of Supermicro customers.

During the ensuing top-secret probe, which remains open more than three
years later, investigators determined that the chips allowed the attackers
to create a stealth doorway into any network that included the altered
machines. Multiple people familiar with the matter say investigators found
that the chips had been inserted at factories run by manufacturing
subcontractors in China.

[...]