Chinese hacking chip on Super Micro server boards

It is no real secret that the purpose of Chinese state-sponsored Advanced Persistent Threats (APTs) is to support the Chinese government’s goal of rapid development for economic reasons.

This is why the J-20 looks like the F-22 and the J-31 looks like the F-35, and why the PLA Navy’s latest trimaran frigate looks a lot like the Independence Class Littoral Combat Ship. It is also why the J-14 looks like a Sukhoi, and why Russia has called out China in the past for stealing Russian intellectual property.

China steals IP because the leaders of China need rapid advancement across multiple industries to create a future China that is a world power strong enough to create a “multi-polar world” in which China counterbalances the US.

So, did China modify server motherboards being manufactured for specific clients in the US? Oh hell yes they did; no matter what Apple and Amazon say about it, it happened. Were Apple and Amazon targeted? Hell yes, but since both of those companies have huge economic ties to China, they aren’t going to admit it.

Full disclosure: as I type this I’m not ten feet away from my own server that has a Super Micro motherboard in it. I have no idea whether my motherboard is on the list of compromised units or not, and I have no idea how to go about identifying whether or not my board has a component in it that it shouldn’t have. If the Chinese get into my home lab, it’s not like they’ll find anything valuable.

But, to explain further how something like this comes about: when a corporation has IP that China wants, and that corporation makes a big purchase of a custom motherboard, it is in China’s best interest to conduct a supply chain attack to pre-position a vulnerability that lets their APTs into the target corporation’s network. The Chinese so far haven’t been planting malware (like some other countries), as their entire government strategy is to avoid conflict with the United States. From their perspective, the US will put up with the spying as long as there is enough profit for the US to gain from a continued relationship with China. In short, China is making the theft of IP just part of the cost of doing business with China.

So why now? Anyone in the industry has known this is going on for years. I think that there are two distinct possibilities: 1) the Trump administration wanted to let the American public know why he is risking a full-on trade war with China, or 2) sheer coincidence that a major media outlet put together a big story that took over social media for a few days.

So, is your computer vulnerable? Yes, it is vulnerable to something. So practice good cyber hygiene, try to be “uninteresting” out there in cyberspace, and hopefully the huge corporations that have your data (Google, Facebook, Amazon) encrypt your records properly.

