Markets

Apple tells Congress that China has not hacked its servers

Apple tells Congress that China has not hacked its servers

So far, Apple and other tech giants have made multiple statements denying the claims of their servers being compromised by Chinese spy chips.

The DHS issued its statement one day after The U.K.'s cybersecurity agency, the National Cyber Security Centre, came to a similar conclusion.

Claims of the attack emerged in Bloomberg Businesweek, which last week reported 17 unidentified intelligence and company sources as saying that Chinese spies had placed computer chips inside equipment used by around 30 companies, as well as multiple USA government agencies.

"The NCSC engages confidentially with security researchers and urges anybody with credible intelligence about these reports to contact us", it said.

The department of homeland security in the United States said it was "aware of the media reports of a technology supply chain compromise" which alleged that dozens of firms had been compromised by the secret spy chip inserted during the manufacturing process.

Both Amazon and Apple strongly refute the story.




Apple has also supplied a letter to US Congress at this point, stating that no evidence was found to support claims of tampered motherboards.

The compromised boards in question were supposedly manufactured by Super Micro Computer Inc., a company that denied Bloomberg's reporting in the standard press release format.

Apple and Amazon, the largest two companies which were connected to the allegedly affected supplier Super Micro, issued strong denials in response to the report last week.

The letter follows statements on Friday by Britain's National Cyber Security Centre and on Saturday by the U.S. Department of Homeland Security that those agencies have no reason to doubt denials from Apple and Amazon.com Inc that they had discovered backdoored chips.

"In essence, this story seems to pass the sniff test", says Theo Markettos, who is on the security team at Cambridge University's Computer Lab. However, Apple, Supermicro, and AWS have denied the allegations, with Apple publishing an unambiguous statement that completely rejects the notion of malicious chips being found in any servers. In the case of China specifically, a series of New York Times articles in late 2013 and early 2014 accused the news service of killing some China-related stories for fear of angering its leaders and losing not only its journalistic access, but a countries' worth of Bloomberg Terminal financial business.

And so far, no one has produced a Supermicro circuit board with a spy chip embedded in it. Bloomberg claimed that almost 30 companies were affected by the attacks, so you might expect someone at at least one of those companies to report finding a modified board-again, as far as we know, this hasn't happened.