On february 12th, bloomberg published an article, the long hack, how china exploited a u.s tech supplier by journalist, jordan, robertson and michael riley. The article reveals that investigators have discovered malicious code hidden in the chips of super micro computer inc, also known as super micro, a computer hardware maker in san jose california, and for many years these hidden chips have been stealing data and transmitting it back to china. In 2010, the us department of defense found thousands of its computer servers, sending military network data to china the results of a hidden code in chips that handled the machines startup process in 2014 intel discovered that an elite chinese hacking group breached its network through a single Server that downloaded malware from a suppliers update site and in 2015 the fbi warned multiple companies that chinese operatives had concealed an extra chip loaded with backdoor code into manufacturers servers. Each of these distinct attacks had two things in common china and super micro journalists. For this report interviewed more than 50 people from law enforcement, military congress, intelligence agencies and private sectors, most of whom actually remain anonymous. Secrets have been revealed piece by piece as intelligence and government agencies consult with external parties to investigate the attacks and give warnings to associated companies mike jank, a former navy seal who co founded data tribe, a venture capital firm, told the journalists that, in early 2018, the Fbi was investigating the discovery of added malicious chips on super micros motherboards two security companies that mike advised were briefed by the fbi.

He said these two companies were subsequently involved in the government investigation where they used advanced hardware forensics on the actual tempered super microboards to validate the existence of the added malicious chips. The two companies are not allowed to speak publicly about the investigation, but they share the details from their analysis with mike mike decided to generally discuss the findings hoping to raise awareness about the ccps espionage activities within the technological supply chain. He said the malicious chips are real and the government knows it. The discovery of implanted servers was first reported in early 2010 by a pentagon security team in its unclassified network. According to six former senior pentagon officials, machines were found to be loaded with unauthorized instructions directing each one to secretly copy and send data of itself and its network to china. The malicious instructions guiding the pentagon servers were hidden in the machines. Basic input output system called bios. This is the part of the computer that tells it what to do at startup. The implant was found in thousands of servers. One official described it as ubiquitous, although there was no evidence that the implant extracted any details on military operations. Analysts were concerned that it might be a digital weapon that could shut down those systems during a conflict. Bloombergs businessweek first reported on supermicros malicious chips in october 2018., the story said apple and amazon had discovered the chips on equipment they purchased, but the 2018 article was disputed by the us government super micro, apple and amazon also publicly called for retracting the report.

The claim in the report still attracted bipartisan attention. In october 2020 republican senator marco rubio and democratic senator richard blumenthal sent a letter to charles niang, ceo of supermicro, requesting more information the letter states. If this news report is accurate, the potential infiltration of chinese backdoors could provide a foothold for adversaries and competitors to engage in commercial espionage and launch destructive cyber attacks. Former fbi, official jay tabb told bloomberg. Super micro is the perfect illustration of how susceptible american companies are to the potential nefarious tampering of any products they choose to have manufactured in china. It is an example of the worst case scenario if you dont have complete supervision over where your devices are manufactured. According to j tab, the chinese communist party has been doing this for a long time. American companies must be aware of the risk if they choose to have their products or parts of their products manufactured in china. Silicon valley, in particular needs to quit pretending that this isnt happening supermicro had denied all the allegations alleged in bloombergs report. The company accused the bloomberg had assembled a mishmash of desperate and inaccurate allegations that draws far fetched conclusions.