Citing unnamed U.S. officials, Bloomberg said a unit of the People's Liberation Army were involved the operation that placed the chips on equipment manufactured in China for US-based Super Micro Computer Inc. One affected company had its servers used by USA government clients, including Department of Defense data centers, Navy warships and the Central Intelligence Agency in its drone operations.
The company has denied the claims made in the extensive report by Bloomberg Businessweek, however, that hasn't stopped a share price onslaught. The surveillance microchips reportedly could have connected to outside computers and secretly downloaded software to bypass security protections elsewhere, such as passwords or encryption keys, stored elsewhere on the affected servers, enabling remote computerized spying.
We learn a few things from this statement, namely that Apple has been already asked for comments on the spy chips, and has hinted towards an earlier, much more benign incident.
Supermicro reportedly assembled server motherboards for the startup and after forensic examination, it was found that tiny chips embedded in the board were not part of the original design.
It said dozens of large U.S. firms and agencies were using the hardware - but Amazon first discovered the chips, the size of a grain of rice, during a security review it ordered after buying a software firm called Elemental three years ago. Apple insiders, too, offered information regarding the hardware attack that Apple reportedly fell victim to.
Tesla shares jump after Elon Musk settles with SEC
He accepted the deal with the SEC "without admitting or denying the allegations of the complaint", according to a court document. Musk, a co-founder of Tesla , is the company's largest stockholder, owning approximately 22 per cent of its outstanding shares.
Amazon responded that "at no time, past or present, have we ever found any issues relating to modified hardware or malicious chips in Super Micro motherboards in any Elemental or Amazon systems".
AWS told Bloomberg it had re-reviewed its records related to the Elemental acquisition and "found no evidence to support claims of malicious chips or hardware modifications". Super Micro servers were removed by Apple that year, according to the report, which also asserts ties with Super Micro were severed in 2016.
One miniscule microchip, found on Chinese-built motherboards, may have infiltrated the world's biggest companies and the depths of the US government.
Apple has issued strong denials of the report, stating: "We are deeply disappointed that in their dealings with us, Bloomberg's reporters have not been open to the possibility that they or their sources might be wrong or misinformed". Apple never had any contact with the Federal Bureau of Investigation or any other agency about such an incident.
According to the report, Amazon Web Services uncovered the malicious chips in 2015 when examining servers manufactured by a company known as Elemental Technologies, which AWS eventually acquired. China's reported goal was to access these data centres and swipe confidential information. Bloomberg, however, says it talked to 17 people who've confirmed the investigation into compromised Supermicro products. "China is a resolute defender of cybersecurity", the Chinese foreign ministry told Bloomberg.