Apple, Amazon deny report China used tiny chips to hack into their networks
Apple and Amazon.com have denied a Bloomberg report on Thursday that their systems contained malicious computer chips inserted by Chinese intelligence, statements from the two technology companies released separately by the news agency showed.
Bloomberg Businessweek cited 17 unnamed intelligence and company sources as saying that Chinese spies had placed computer chips inside equipment used by around 30 companies, as well as multiple US government agencies, which would give Beijing secret access to internal networks.
Reuters was unable to reach Apple and Amazon, as well as representatives with the FBI, Department of Homeland Security Agency and National Security Agency for comment.
China’s Ministry of Foreign Affairs did not immediately respond to a written request for comment on Thursday. Beijing has previously denied allegations of orchestrating cyberattacks against Western companies.
Amazon, in a statement published by Bloomberg, said: “We’ve found no evidence to support claims of malicious chips or hardware modifications.”
Amazon subsidiary Amazon Web Services, which provides on-demand cloud computing platforms, was described in the Bloomberg story as having known about the malicious chips and working with the FBI to investigate the matter.
Apple said it had refuted “virtually every aspect” of the story in on-record responses to Bloomberg. “Apple has never found malicious chips, ‘hardware manipulations’ or vulnerabilities purposely planted in any server,” the company said.
Bloomberg reported that the malicious chips were planted by a unit of the Chinese People’s Liberation Army, which infiltrated the manufacturing supply chain of American server supplier Super Micro Computer (Supermicro). The operation is thought to have been targeting valuable commercial secrets and government networks, the news agency said.
A representative for Supermicro at its European headquarters in the Netherlands said the company was unable to provide an immediate comment.
There have been increased concerns about foreign intelligence agencies infiltrating US and other companies via so-called “supply chain attacks”, particularly from China where multiple global tech firms outsource their manufacturing.
The US government on Wednesday warned that a hacking group widely known as cloudhopper, which Western cybersecurity firms have linked to the Chinese government, has launched attacks on technology service providers in a campaign to steal data from their clients.
The warning came after experts with two prominent US cybersecurity companies warned this week that Chinese hacking activity has surged amid the escalating trade war between Washington and Beijing.