While many of our national security concerns seem to be revolving around the Russian influence in our electoral process, a new threat has emerged in the east, and it’s terrifying in its magnitude.
I’m speaking of course about China, a nation whose name comes off of the President’s tongue with the blunt fury of a Harlem-born boxer. While touting his diplomatic work with the world’s most populous nation, President Trump has also been sure to draw a hard and firm line in the sand when needed. In the South China Sea, where territorial tensions are seemingly always on the cusp of explosion, the US is maintaining a strong enough presence to keep things civil, and the President’s “trade war” has been paying dividends in recent days.
A new report, however, has thrown a monkey wrench into our familial hopes for a productive, working relationship with China.
A major U.S. telecommunications company discovered manipulated hardware from Super Micro Computer Inc. in its network and removed it in August, fresh evidence of tampering in China of critical technology components bound for the U.S., according to a security expert working for the telecom company.
The security expert, Yossi Appleboum, provided documents, analysis and other evidence of the discovery following the publication of an investigative report in Bloomberg Businessweek that detailed how China’s intelligence services had ordered subcontractors to plant malicious chips in Supermicro server motherboards over a two-year period ending in 2015.
Appleboum previously worked in the technology unit of the Israeli Army Intelligence Corps and is now co-chief executive officer of Sepio Systems in Gaithersburg, Maryland. His firm specializes in hardware security and was hired to scan several large data centers belonging to the telecommunications company. Bloomberg is not identifying the company due to Appleboum’s nondisclosure agreement with the client. Unusual communications from a Supermicro server and a subsequent physical inspection revealed an implant built into the server’s Ethernet connector, a component that’s used to attach network cables to the computer, Appleboum said.
The executive said he has seen similar manipulations of different vendors’ computer hardware made by contractors in China, not just products from Supermicro. “Supermicro is a victim — so is everyone else,” he said. Appleboum said his concern is that there are countless points in the supply chain in China where manipulations can be introduced, and deducing them can in many cases be impossible. “That’s the problem with the Chinese supply chain,” he said.
And it gets worse…
The tampered hardware was found in a facility that had large numbers of Supermicro servers, and the telecommunication company’s technicians couldn’t answer what kind of data was pulsing through the infected one, said Appleboum, who accompanied them for a visual inspection of the machine. It’s not clear if the telecommunications company contacted the FBI about the discovery. An FBI spokeswoman declined to comment on whether it was aware of the finding.
AT&T Inc. spokesman Fletcher Cook said, “These devices are not part of our network, and we are not affected.” Verizon Communications Inc. had no immediate comment on whether the malicious component was found in one of its servers. T-Mobile U.S. Inc. and Sprint Corp. didn’t respond to requests for comment.
No word yet on the full ramifications of this discovery in our everyday, digital world.