Ron Guilmet on 4 Oct 2018 09:48:55 -0700



[PLUG] The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies


The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies

The Supermicro attack 

The attack by Chinese spies reached almost 30 U.S. companies, including
Amazon and Apple, by compromising America’s technology supply chain,
according to extensive interviews with government and corporate
sources.

Since the implants were small, the amount of code they contained was
small as well. But they were capable of doing two very important
things: telling the device to communicate with one of several anonymous
computers elsewhere on the internet that were loaded with more complex
code; and preparing the device’s operating system to accept this new
code.

1. A Chinese military unit designed and manufactured microchips as
small as a sharpened pencil tip. Some of the chips were built to look
like signal conditioning couplers, and they incorporated memory,
networking capability, and sufficient processing power for an attack.

2. The microchips were inserted at Chinese factories that supplied
Supermicro, one of the world’s biggest sellers of server motherboards.

3. The compromised motherboards were built into servers assembled by
Supermicro.

4. The sabotaged servers made their way inside data centers operated by
dozens of companies.

5. When a server was installed and switched on, the microchip altered
the operating system’s core so it could accept modifications. The chip
could also contact computers controlled by the attackers in search of
further instructions and code.

Link to article

https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug