Recent US concerns about Chinese cellphone-maker ZTE producing phones susceptible appear to be just the beginning. Amazon uncovered a vast program by the Chinese to hack US-bound computer servers by installing a secret chip that unlocked them for the Chinese. The extent of the threat is unprecedented.
It’s only the size of a grain of rice or the tip of a pencil but it has the power to unlock the computers that run the databases, websites and software that form the backbone of the United States government and private sector computer networks. This chip is a key that many now believe was placed secretly by the Chinese government so that they could hack into and take over any computer system connected to it. It sounds like frightening science fiction but it may be so much worse.
Hardware Audit Uncovers Integrated Spyware
In a stunning and detailed expose by Bloomberg Businessweek, the authors describe how as part of an audit of a hardware manufacturer they were considering buying, Amazon discovered something unexpected on their computer servers – a tiny computer chip that wasn’t part of the original plans and didn’t belong on the computer’s motherboard with the hundreds of other chips and components that make it or any computer function.
This chip was fully integrated into the rest of the hardware so that the computer now functioned differently. Whomever placed it there would have to reverse engineer the original design so that they could properly incorporate this new functionality without disrupting the original purpose of the computer. Once installed at the client and powered on, the chip would grant access to the hacker, download instructions and additional software and compromise the entire computer network the computer server was connected to. This chip acts as a skeleton key for any server it is placed on.
The Only Explanation: Chinese State Sponsored Hacking
In their interview with experts, the Bloomberg authors go onto explain the stunning sophistication necessary to accomplish a hardware hack. It would involve the Chinese government, the Chinese military and private manufacturers in China working as part of the supply chain for American companies. Almost 30 companies including Amazon and Apple were affected by the hack involving server manufacturer Supermicro who sell more server motherboards than almost anyone else. The investment would have taken millions of dollars and years of effort to accomplish but would grant the Chinese secret access to the computers of America’s top companies and government entities.
The Chinese government denies any involvement and claims that they too are a victim of this hack by unknown parties but multiple experts in the American intelligence community dispute this and offer compelling arguments to support their assertion that a hardware hack of this scale could only happen with state sponsorship. It remains to be seen if this hack and other threats from Chinese manufacturing will result in American companies bringing more sensitive manufacturing back to domestic factories, but it’s unclear if even that would be enough A the Supermicro headquarters in San Jose, CA, most of the employees are Chinese, the dominant spoken language is Mandarin and it might not be possible for many parts of the high tech supply chain to function without Chinese involvement.
So What Should You Do?
At MyProfyle, we believe this threat is further proof that everyone’s information is at risk from many different sources and that we are all exposed multiple times per year. The solution to identity fraud is not to try to lock your identity or seek unobtainable privacy but to control your identity – not just your credit – by putting yourself in the position know of, approve or decline activity conducted in your name. That’s MyProfyle Free For Life ™ Identity Protection.