If the Bloomberg report is true, this means that American companies aren’t the only victims of hardware tampering. This is a real threat that’s been growing for years, and multinational companies are at risk.
First Published 8th October 2018
These aren't the droids you're looking for.
4 min read | Reflare Research Team
In a story published on October 4th 2018, Bloomberg detailed an alleged attack against major US companies using a specialized backdoor chip. The chip is said to have been placed into server hardware by Chinese manufacturing companies during production. The report is detailed, and refers to a number of CIA and FBI investigations which supposedly uncovered the infiltration. Among the companies that Bloomberg says were affected are tech giants such as Amazon and Apple.
All companies have denied the allegations and claim to have no knowledge of such hardware backdoors. The denials are equally detailed and emphatic.
Both the CIA and FBI have refused to comment on the matter.
What does this mean?
At this point in time, it is impossible to tell if Bloomberg’s claim is factually accurate. It is possible that they uncovered a false flag operation or went after a hoax. It is equally possible that the investigation was real and the tech companies denied the backdoors to preserve their public image. Lastly, it is possible that the investigation is real but that the affected tech companies have not yet been informed of it by the investigators.
Time will tell and we will continue to cover this story as more details emerge.
What is clear, however, is that if backdoor chips should indeed be found, they were most likely placed in the Chinese technology manufacturing plants that built the hardware, by order of criminals, governments, or both.
The supply chain nightmare
Hardware backdoors in foreign-made electronics have been a recurring nightmare scenario for all governments. The global supply chain for high-end technology is so intertwined that virtually nothing is produced without the involvement of a potential enemy.
A chip designed in the USA may be cast in Europe before being assembled in China and shipped to an African market via South East Asia. At every point in that chain, a hardware backdoor could be introduced into the system. Such a backdoor would be virtually impossible to detect by traditional means and equally hard to defend against.
Allegations of hardware backdoors have been repeatedly levelled against various parties in the past. Such cases include claims that Intel CPUs contain hidden backdoors known to the NSA or that Chinese routers contain backdoors known to the Chinese government. So far, such claims are not proven. However, due to the complex nature of modern technology, they could well exist and still be virtually impossible to find.
This risk, coupled with the assumption that at least some hardware backdoors are probably introduced into various supply chains, leads to the extreme security measures adopted by most militaries. A common joke pokes fun at the fact that a certain chip used in US fighter jets costs the government hundreds of dollars while it only costs cents on the open market.
The risk of hardware backdoors is precisely the reason for this seeming absurdity. The chip used in the fighter jet is produced completely within the US or, depending on the criticality, within NATO. This makes it orders of magnitude more expensive than the Chinese or Taiwanese version of the same chip.
Summary
While the Bloomberg report is gaining a lot of attention, it is too early to tell if an attack indeed took place. However, since supply-chain level attacks against hardware are at the fingertips of most governments, virtually undetectable and a potentially critical asset in a future cyber conflict, it is reasonable to assume that at least some such backdoors are currently in the wild.
There is literally nothing the average organization or consumer can do to protect themselves against this sort of threat. Supply-chain level hardware backdoors are an issue that we expect to gain sudden relevance once the first backdoors are used to stage governmental-level cyber attacks. Alas, when and in what context this happens remains to be seen.