Cyber security: greetings from Beijing


Contents page 1 — greetings from Beijing page 2 — “This goes in the direction of mass surveillance” On a page

read Not even the script writer of the Bond films, whose Plots are often far-fetched, would probably in such a perverse idea. Software manipulations, clearly, was a preferred weapon of the adversary of 007, the last time in Skyfall in 2012: As the villain Silva is hacking repeatedly in the network of the British secret service, he makes a bomb in MI6 Headquarters to go upstairs and opens later the closed doors of the glass cell, in which he was locked. The basic hypothesis of all the newer Bond movies is, finally, an analog Hero like 007 can no longer stand against the purely digital and therefore largely non-physical threats of the present.

If the Hypothesis is true, so you can penetrate into reality and not only in fiction from the outside through the network in (almost) every computer in the world via a Software Hack, who would try to because of the effort of physical Manipulation of the Hardware? The Chinese army allegedly. You should have installed, according to a report by the U.S. magazine Bloomberg Businessweek espionage chips in the servers of an American computer manufacturer called Supermicro to suspected data of its customers. It was discovered the malicious Hardware according to Bloomberg, in the year 2015, but it was not until the publication of the Search on Thursday of the use of harmful Hardware.

main characters of the story are two prominent customer of Supermicro: Amazon and Apple. They found at that time, according to the report, independently lead large Chips on the circuit boards of the computer manufacturer, one of the largest in the world behind Dell and HP Enterprise. Apple used centers the servers in small data and planned to buy more, as the tech have discovered a company with the unusual Hardware. The online retailer Amazon, in turn, operates with the company’s subsidiary Amazon Web Services (AWS) is the world’s most successful Cloud Computing Service, and countless server farms in use, had found the Chips, as it had reviewed the processes of the company Elemental Technologies, to buy it thought (and, later, actually took over).

message with blemish

The malicious Hardware was able to interact with other computers and change the old Code in the operating system, says Bloomberg. To the Server could not be manipulated so that they grant, for example, to passwords, questions and your attackers in the worst case, full access to all of the machine’s current data. Possible that would be, because the Chips should be installed at a sensitive point, namely the Baseboard Management Controller, a micro-controller that sits at the interface between the Software and the Hardware. Whether today appropriate spying chips are in servers that are available, is unclear.

According to Bloomberg, the company gave the information about the alleged spying chips on the US intelligence services. Who were the components then back to bribed a unit of the Chinese army, the employees of suppliers or blackmailed, so they built the harmful parts.

For your article have, the Bloomberg journalists according to their own figures with 17 people spoke, including former government employees, AWS experts and Apple insiders. You could have viewed in addition, internal and public documents, to prove the above discussions, the evidence collected, at least partially.

However, Amazon and Apple to deny the content. You will not find fault with small Details, as it is otherwise known in the case of such articles, but the main components of the Research.

Amazon writes in a Statement that Bloomberg published in addition, it is unlikely that you have found on the servers of the subsidiary company Elemental damaging Chips or Hardware changes. It is also true that the company knew its own Cloud Service AWS servers with the appropriate Chips and you have worked together with the FBI.

Apple stated that it was deeply disappointed by the reporters, who had not moved during the one-year Research, whereas their sources were probably wrong about that. Apple have also never discovered harmful Chips, Hardware tampering, or security holes that had been deliberately, in a Server placed. What is Bloomberg writing about the company, is not correct.

How plausible is this report? The security expert Stefan Mangard find the clear denials by the company by surprise. “It is very disadvantageous, if the company denies a Hack, and at the end it turns out that it was him,” says the Professor of security systems at the TU Graz. The typical strategy of the affected company is, therefore, now to inform the Public if a security breach had occurred. The denials do not speak against the allegations made in the Bloomberg report, especially since Amazon and Apple wegkämen in it bad.


Please enter your comment!
Please enter your name here