Apple tillbakavisar Bloombergs uppgifter om att Kina skulle ha lyckats att plantera microchip, avsedda för avlyssning, i Apples servrar.
Bloomberg hävdar att de små, risgrynsstora kretsarna, hittades vid en genomgång av företaget Elementals servrar. Samma kretsar uppges ha hittats i servrar som används av både Apple och Amazon.
In late spring of 2015, Elemental’s staff boxed up several servers and sent them to Ontario, Canada, for the third-party security company to test, the person says.
Nested on the servers’ motherboards, the testers found a tiny microchip, not much bigger than a grain of rice, that wasn’t part of the boards’ original design. Amazon reported the discovery to U.S. authorities, sending a shudder through the intelligence community. Elemental’s servers could be found in Department of Defense data centers, the CIA’s drone operations, and the onboard networks of Navy warships. And Elemental was just one of hundreds of Supermicro customers.
Kretsarna ska ha installerats i servarna av kinesiska hackare för att kunna avlyssna trafiken till och från servrarna och serverhallarna.
During the ensuing top-secret probe, which remains open more than three years later, investigators determined that the chips allowed the attackers to create a stealth doorway into any network that included the altered machines. Multiple people familiar with the matter say investigators found that the chips had been inserted at factories run by manufacturing subcontractors in China.
Bloombergs uppgifter förnekas kategoriskt av alla de namngivna företagen, inklusive Apple:
“On this we can be very clear: Apple has never found malicious chips, ‘hardware manipulations’ or vulnerabilities purposely planted in any server.”
Även Amazon och Elemental förnekar uppgifterna.
I ett uttalande till NBC så säger Apple:
“We are deeply disappointed that in their dealings with us, Bloomberg’s reporters have not been open to the possibility that they or their sources might be wrong or misinformed. Our best guess is that they are confusing their story with a previously reported 2016 incident in which we discovered an infected driver on a single Super Micro server in one of our labs. That one-time event was determined to be accidental and not a targeted attack against Apple.”