Chinese operatives allegedly poisoned the technical supply chain of major US companies, including Apple and Amazon, by planting a microchip on their servers manufactured abroad, according to a Bloomberg report today. The story claims that one chip, which was assembled for a company called Elemental by a separate company called Super Micro Computer, would allow attackers to covertly modify these servers, bypass software security checks, and, essentially, give the Chinese government a complete backdoor into these companies’ networks.
Affected companies are vigorously disputing the report, claiming they never discovered any malicious hardware or reported similar issues to the FBI. Even taking the Bloomberg report at its word, there are significant unanswered questions about how widely the chip was distributed and how the backdoor access was used.
But the mere idea of a malicious chip implant has already sent shock waves through the security world, which has traditionally focused on software attacks. Nicholas Weaver, a professor at Berkeley’s International Computer Science Institute, described an alarming attack. “My initial reaction was ‘HOLY FUCKING SHIT’ [sic],” Weaver told The Verge. “This is a ‘god mode’ exploit in the system management subsystem.”
Security experts have warned for years that the hardware supply chain is at risk, especially considering that China has a monopoly on parts and manufacturing. Up until now, though, we haven’t seen a widespread attack on US companies, as Bloomberg claims to have found. There’s no real way to prevent a hardware attack like this, sources tell The Verge, unless the tech industry wants to drastically rethink how it gets its components and brings products to market.
Katie Moussouris, founder and CEO of Luta Security, says an attacker could use this kind of malicious implant to bypass all software protections, a doomsday scenario for defenders. “If you manage to put something in place in hardware, not only is it difficult to detect, it’s also something that can bypass even the most sophisticated software security measures,” Moussouris told The Verge.
Defending against such an attack would require an entirely new kind of defense, replacing code audits and bug-hunting with checks for physical interference at the hardware level. Jake Williams, the founder of Rendition Infosec, says it would be an entirely new approach for security teams. “We have a bigger fundamental problem,” Williams says, “which is that this stuff is wicked hard to detect and we don’t have tools to do that.”
In some ways, the attacks borrow techniques from jailbreaking, breaking the chain of trust between the hardware and the software instead of attacking the software itself. George Hotz, the legendary jailbreaker-turned-self-driving-entrepreneur, was skeptical of the Bloomberg story, but said a successful supply-chain attack would still be nearly impossible to mitigate with conventional security tools. “If you cannot trust your hardware, you cannot trust anything that the hardware checks,” Hotz says. “Fundamentally, there is no way to check for this in software.”
It’s hard to say how companies like Apple and Amazon could adapt to these new risks. On the hardware level, spotting strange behavior would be like trying to detect a heart murmur. There might be small anomalies every so often, but none would immediately cause alarm. And researchers looking for bugs might not be much help, either. Even if they could get these parts from Supermicro, for example, they’d need enough money and enough supply to run tests. Once you crash or damage a piece of hardware, it’s impossible to start over again, which makes conventional bug bounties hard to implement.
Instead, Moussouris says supply chain risks are a reality we have to accept. Companies have already made their compromise; in exchange for cheap parts, they take the supply chain risk.
“We’ve made choices to outsource the manufacturer of a lot of components in order to be able to get them to market and have them be a viable product,” she says. “Making sure that we understand that we’ve made these tradeoffs is the part that might be taking people by surprise.”