What are the chances that Bloomberg isn't just full of @% here?
https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies
To me, the article appears well-sourced and well-researched. The details appear believable, and the actions mentioned line up with various warnings about Chinese-produced hardware over the past few years. I don't see an obvious motive for Bloomberg's journalists to lie in this story, so I'd say chances are pretty high that Bloomberg's article isn't full of @%.
This is what true nation-on-nation cyber warfare looks like, in my mind.
To me it seems like it should have blown up already.
Bloomberg made claims which at least Apple and Amazon have refuted (which Bloomberg published, good on 'em) so now we wait for the proof of said claims.
It's starting to creep into other media sources with a lot of discussion about potential ramifications. Either way, don't put an appliance online without a firewall (duh).
IF it's true, it's an awfully ballsy gambit with far-reaching consequences across tech, politics and industry.
Quote from: Mr. Analog on October 04, 2018, 02:09:48 PM
Either way don't put an appliance online without a firewall (duh).
Supermicro is the OEM for a number of devices including security hardware.
A firewall / IDS / IPS / NGFW might not even pick up some outbound traffic if it is from a device that is already expected to have internet access.
Quote from: Lazybones on October 04, 2018, 03:15:39 PM
Quote from: Mr. Analog on October 04, 2018, 02:09:48 PM
Either way don't put an appliance online without a firewall (duh).
Supermicro is the OEM for a number of devices including security hardware.
A firewall / IDS / IPS / NGFW might not even pick up some outbound traffic if it is from a device that is already expected to have internet access.
Chilling if true then
Yeah, Supermicro is a /big/ supplier for server equipment.
A good firewall would be able to notice unexpected traffic patterns, like for some reason you're getting regular check-ins to some China server when it has no business going there... but how many places set that kind of check up?
Quote from: Tom on October 05, 2018, 09:31:52 AM
Yeah, Supermicro is a /big/ supplier for server equipment.
A good firewall would be able to notice unexpected traffic patterns, like for some reason you're getting regular check-ins to some China server when it has no business going there... but how many places set that kind of check up?
Gets hard to detect that if you ACTUALLY do work with companies in China, unfortunately.
They provide pictures and descriptions of what they are like, but why isn't there a breakdown of one of these listed from a known independent lab?
A new update: https://www.bloomberg.com/news/articles/2018-10-09/new-evidence-of-hacked-supermicro-hardware-found-in-u-s-telecom
Again no pictures or anything concrete and all from a single source. Super Micro's stock is taking a hammering with each one of these stories though
Quote from: Mr. Analog on October 09, 2018, 01:32:12 PM
A new update: https://www.bloomberg.com/news/articles/2018-10-09/new-evidence-of-hacked-supermicro-hardware-found-in-u-s-telecom
Again no pictures or anything concrete and all from a single source. Super Micro's stock is taking a hammering with each one of these stories though
The security expert there clearly indicates that the devices were tampered with in a late stage of the supply chain.
There was a similar issue with Cisco hardware way back.
This is a bit better news than SuperMicro / many manufacturers being directly involved.
Quote from: Lazybones on October 09, 2018, 04:50:55 PM
Quote from: Mr. Analog on October 09, 2018, 01:32:12 PM
A new update: https://www.bloomberg.com/news/articles/2018-10-09/new-evidence-of-hacked-supermicro-hardware-found-in-u-s-telecom
Again no pictures or anything concrete and all from a single source. Super Micro's stock is taking a hammering with each one of these stories though
The security expert there clearly indicates that the devices were tampered with in a late stage of the supply chain.
There was a similar issue with Cisco hardware way back.
This is a bit better news than SuperMicro / many manufacturers being directly involved.
Huh, I only skimmed through the article. That's interesting.
Quote: The executive said he has seen similar manipulations of different vendors' computer hardware made by contractors in China, not just products from Supermicro. "Supermicro is a victim -- so is everyone else," he said. Appleboum said his concern is that there are countless points in the supply chain in China where manipulations can be introduced, and deducing them can in many cases be impossible. "That's the problem with the Chinese supply chain," he said.
Quote: The more recent manipulation is different from the one described in the Bloomberg Businessweek report last week, but it shares key characteristics: They're both designed to give attackers invisible access to data on a computer network in which the server is installed; and the alterations were found to have been made at the factory as the motherboard was being produced by a Supermicro subcontractor in China.
Well, at least it is one of their subcontractors, which means that Supermicro as a whole probably isn't collaborating, but one of its subcontractors is.
Yeah, it's almost certainly stuff being done outside of Supermicro's and anyone else's knowledge. The first article explains it's agents walking up to subcontractor factories, pretending to be representatives from Supermicro and asking for changes.
So I guess the US intelligence agencies were on to something a couple of years ago when they started disallowing software and hardware created in Russia and China...
It is particularly relevant for government and military use.
The NSA was doing it to Cisco hardware for export at one point.
https://www.techradar.com/news/networking/routers-storage/photos-reveal-nsa-tampered-with-cisco-router-prior-to-export-1249191