Do you own a device which has been manufactured in china?
Your computer, Smartphone, music system ? How much do you trust on them !!
I am pretty sure you would have watched that across different social media platform. According to him China stopped being a cheap market long time ago.
It is not the cost but the aggregation of different technology and resources at a single place which makes China as the preferred choice of this trillion-dollar company.
China and technology controversies
Indeed Apple and many other multinational companies are having manufacturing units in china or they import the component and assemble locally. In spite of being leader in manufacturing China remained always in the center of controversies regarding security and theft of technology.
Latest one in this chain is the report from Bloomberg that China Used a Tiny Chip to Infiltrate almost 30 U.S. Companies including Apple, Amazon.
How It began?
Device can be hacked at software or hardware level.
While either way can cause substantial damage but it is relatively much complex to identify a hardware level hacking. It requires a detailed inspection and might be possible that you never get a trace of that.
One of the highlighted product of Elemental Technologies was software for compressing massive video files and formatting them for different devices.
This technology had helped stream the 2012 Summer Olympic Games online, 4K HEVC video streaming of the 2013 Osaka Marathon which is an annual marathon road running event for men and women in the city of Osaka, Japan.
It was a big feat of achievement then, paving way for high quality video streaming services.
Elemental and CIA association starts with Elemental and In-Q-It partnership.
In-Q-It is venture capital firm that invests in high-tech companies for the sole purpose of keeping the Central Intelligence Agency, and other intelligence agencies, equipped with cutting-edge technologies.
Elemental had released video server in 2009 that was based on GPU utilization for video on demand (VOD) trans-coding. Which were having benefits include conversion speed, reduced power usage, less physical space.
Elemental servers were subsequently used in various secure capacities, including by the United States Department of Defense, the United States Navy, NASA, the United States Congress and the Department of Homeland Security.
Its video streaming technology also helped in communicate with the International Space Station, and funnel drone footage to the Central Intelligence Agency.
Now, you would be wondering how this get connected to Chinese manufacturer when It is having business in USA and Europe?
Actually these servers were assembled for Elemental by Super Micro Computer Inc which is a San Jose-based company. Supermicro is known as the world’s biggest suppliers of server motherboards. It is having more than 900 customers across hundreds of country in the world.
To sum up it’s the Microsoft of hardware world.
Supermicro was having contract with Chinese manufacturers to assemble servers.
By 2015, Elemental servers were in use at different multinational and government offices including CIA. In the same year Amazon was in process of expending and building its video subscription service known as Amazon prime.
This lead Amazon close to Elemental Technology. At the same time Amazon was building AWS and it was realized that Elemental technologies align very much in line with the Amazon vision in space of highly secure cloud service. AWS hired a third party company to scrutinize Elemental’s security this was preliminary step towards acquisition of Elemental Technology by AWS.
In order to deal with issue AWS took closer look at the flagship servers of Elemental that was installed at different customers site to handle the video compression service.
“In late spring of 2015, Elemental’s staff boxed up several servers and sent them to Ontario, Canada, for the third-party security company to test.
Nested on the servers’ motherboards, the testers found a tiny microchip, not much bigger than a grain of rice, that wasn’t part of the boards’ original design.
Amazon reported the discovery to U.S. authorities, sending a shudder through the intelligence community. “
Source : Bloomberg
As per the people associated with investigation this might have got inserted at factories run by manufacturing subcontractor in China.
Hardware based attack are rare and at the same time it can be highly devastating. It requires in depth scrutiny right from ground level component.
According to Bloomberg
U.S. investigators have found that the chips had been inserted during the manufacturing process, two officials say, by operatives from a unit of the People’s Liberation Army. U.S. officials describes it as the most significant supply chain attack known to have been carried out against American companies.
In simplified terms, the implants on Supermicro hardware manipulated the core operating instructions that tell the server what to do as data move across a motherboard
Investigators have found that it eventually affected almost 30 companies, including a major bank, government contractors, and the world’s most valuable company, Apple Inc.
Apple was an important Supermicro customer and had planned to order more than 30,000 of its servers in two years for a new global network of data centers.
On obvious side, in a separate mail in response to Bloomberg report Apple and Amazon both denied the fact that they were knowing about malicious chip.