The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies

[nir]

The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain, according to extensive interviews with government and corporate sources.

 

In 2015, Amazon.com Inc. began quietly evaluating a startup called Elemental Technologies, a potential acquisition to help with a major expansion of its streaming video service, known today as Amazon Prime Video. Based in Portland, Ore., Elemental made software for compressing massive video files and formatting them for different devices. Its technology had helped stream the Olympic Games online, communicate with the International Space Station, and funnel drone footage to the Central Intelligence Agency. Elemental’s national security contracts weren’t the main reason for the proposed acquisition, but they fit nicely with Amazon’s government businesses, such as the highly secure cloud that Amazon Web Services (AWS) was building for the CIA.

 

To help with due diligence, AWS, which was overseeing the prospective acquisition, hired a third-party company to scrutinize Elemental’s security, according to one person familiar with the process. The first pass uncovered troubling issues, prompting AWS to take a closer look at Elemental’s main product: the expensive servers that customers installed in their networks to handle the video compression. These servers were assembled for Elemental by Super Micro Computer Inc., a San Jose-based company (commonly known as Supermicro) that’s also one of the world’s biggest suppliers of server motherboards, the fiberglass-mounted clusters of chips and capacitors that act as the neurons of data centers large and small. In late spring of 2015, Elemental’s staff boxed up several servers and sent them to Ontario, Canada, for the third-party security company to test, the person says.

 

Read the full article at the source.

 

Source

 

Also read the denial:

Chinese spy chips are found in hardware used by Apple, Amazon, Bloomberg says; Apple, AWS say no way

 

[straycat19]

Those companies should vet all their hardware just like the government does.  Not one piece of computer equipment gets into our organization without going through the computer engineers for compliance certification, that includes desktops, laptops, cell phones, tablets, raspberry pi, etc.  If it isn't certified it doesn't get past security into the building.

[steven36]

2 hours ago, straycat19 said:

Those companies should vet all their hardware just like the government does.  Not one piece of computer equipment gets into our organization without going through the computer engineers for compliance certification, that includes desktops, laptops, cell phones, tablets, raspberry pi, etc.  If it isn't certified it doesn't get past security into the building.

The Government have the money  to do all that,  because they don't have to pay for it,  the tax payers do  , The FCC needs to pass new laws not allowing  China spy chips to be imported in the USA , Electronics is regulated by the FCC  they  are the ones who are allowing them to ship it,  so the Government are to blame too.     . Because Big Tech are  the  problem , Amazon is into buying and  selling it as cheap they can  and  apple is into  making it as cheap as they can and selling it as high as they can.  Business  cut corners anyway they can,  they buy it  as cheap as they can,  even refurbished for more expensive stuff.   But  the OP is about something  happen in 2015 soon Amazon will run out of Chinese  stock , and will  be  buying goods  from Twain or are somewhere  else . The plants are leaving China because of tariffs  ..

 

Also this is hurting China no crime goes unpunished

 

Trump Advisers Weigh Hacking Sanctions on Chinese Entities

https://www.bloomberg.com/news/articles/2018-09-07/trump-advisers-said-to-weigh-hacking-sanctions-on-china-in-trade

 

2015 was stuff happen under Obama's watch but Big tech denies it ever happen.

[DKT27]

I'm saying this from years, do not just look after countries but look after individual companies too. There are some well known companies known to spy on the users and users need to avoid them. Just because their products are cheap does not mean they are secure to use.

 

Another thing, a lot of questions have been raised at the authenticity of this. My personal view is that the source which has released this story is quite biased, but their reporting has always been top level and I have always found them authentic I think.