On Oct. 4, Bloomberg published a blockbuster report that claimed China had compromised servers used by American tech giants including Amazon (NASDAQ:AMZN) and Apple (NASDAQ:AAPL). The prospect of a tiny chip being able to take over a server, completely bypassing the best security software, caused shock waves. Apple stock and Amazon stock were both down as the companies scrambled to assure the public that the data managed by their cloud servers was completely safe, refuting Bloomberg’s claims.
Who is right, and what does it all mean? Bloomberg and the tech companies are still battling this one out, but one thing is clear. By sourcing components cheaply from an overseas supply chain, tech companies are running the risk of the hardware being compromised.
Bloomberg Reports China Infiltrated U.S. Companies With Computer Chip
Computer security has become an increasingly hot topic. Ransomware continues to wreak havoc, and even the Mac has proven to be vulnerable to malware.
This year kicked off with an ominous new issue. Meltdown and Spectre were hardware vulnerabilities that left computers running processors — including those from Intel (NASDA:INTC) — vulnerable to exploits. Patching these vulnerabilities cut into performance, an issue that had a material impact on companies relying on huge server farms, like Amazon and its Amazon Web Services (AWS).
Bloomberg’s report claims that Chinese spies had compromised nearly 30 U.S. companies — including Apple and Amazon — through use of a tiny computer chip. That chip was added to servers that were manufactured overseas for the companies. It is tiny (the size of a grain of rice) virtually undetectable, and it gave backdoor access to the affected computers.
This is a nightmare scenario and the timing is making the situation even worse. The rise of malware and vulnerabilities have the public on edge, the U.S. is engaged in a trade war with China while accusing Chinese tech companies of spying, and to top it off data privacy has companies like Facebook (NASDAQ:FB) on the hot seat.
At the center of the issue is Super Micro (OTCMKTS:SMCI), a company that primarily manufactures computer motherboards through contractors in China. Motherboards that were used in the servers in question. Super Micro stock plunged 50% after the report was published …
Implications of the Chinese Hack
What has experts freaking out about the Bloomberg report is the fact that a microchip added to the servers wouldn’t be caught by traditional security software. Operating as part of the computer — which security software treats as trusted hardware — these chips would operate without detection. And they would offer a backdoor that would let spies modify the servers and access the network they are connected to.
According to Bloomberg, no consumer data is known to have been stolen, with China more interested in “long-term access to high-value corporate secrets and sensitive government networks.”
“We’ve found no evidence to support claims of malicious chips or hardware modifications.”
Apple came out swinging against Bloomberg:
“We have repeatedly and consistently offered factual responses, on the record, refuting virtually every aspect of Bloomberg’s story relating to Apple. . . On this we can be very clear: Apple has never found malicious chips,’hardware manipulations’ or vulnerabilities purposely planted in any server. Apple never had any contact with the FBI or any other agency about such an incident. We are not aware of any investigation by the FBI, nor are our contacts in law enforcement.”
Where Are We Now?
At this point, we are in a period of finger-pointing and denial. There will certainly be calls for a thorough investigation, and mistrust of the Chinese supply chain used by so many tech companies seems likely to increase. Companies like Apple also run the risk of customers losing confidence in cloud storage to safeguard their private data. The Chinese hack report aftermath also continues to be a drag on Apple stock, Amazon stock and while Super Micro stock has recovered a bit, it’s still down over 45% from the start of the week.
As of this writing, Brad Moon did not hold a position in any of the aforementioned securities.