• New Evidence Of Chinese Spy Hardware Found By Ex-Mossad Investigators;

    From Virus Guy@1:396/4 to All on Tue Oct 9 03:11:28 2018
    From: Virus Guy <Virus@Guy.C0M>

    New Evidence Of Chinese Spy Hardware Found By Ex-Mossad Investigators;
    Super Micro Shares Plunge

    Tue, 10/09/2018 - 12:15

    A major US telecommunications company found "manipulated" hardware from
    Super Micro Computer Inc. in its network in August - bolstering claims
    in a Bloomberg report last week alleging that China installed bugging
    devices on hardware bought by Apple, Amazon and a host of other companies.

    According to a new report by Bloomberg, the unnamed telecom company
    hired former Israeli Intelligence Corps security expert Yossi Appleboum,
    now of Maryland-based Sepio Systems, who provided "documents, analysis
    and other evidence of the discovery" following last week's report
    detailing how China's intelligence agencies had ordered subcontractors
    to install malicious chips in Super Micro motherboards between 2013 and

    Sepio Systems' board includes former Mossad director, Tamir Pardo, and
    its advisory board includes former CIA chief information security
    officer Robert Bigman.

    Israeli Army Intelligence Corps and is now co-chief executive
    officer of Sepio Systems in Gaithersburg, Maryland. His firm
    specializes in hardware security and was hired to scan several large
    data centers belonging to the telecommunications company.

    Bloomberg is not identifying the company due to Appleboum's
    nondisclosure agreement with the client. Unusual communications from a Supermicro server and a subsequent physical inspection revealed an
    implant built into the server's Ethernet connector, a component that's
    used to attach network cables to the computer, Appleboum said. -Bloomberg

    Appleboum says that Super micro "is a victim -- so is everyone else,"
    and that he has seen "similar manipulations of different vendors'
    computer hardware made by contractors in China," according to Bloomberg.
    He adds that his concern is that there are numerous points in the supply
    chain in China where hardware can be manipulated - which are virtually impossible to track down. "That's the problem with the Chinese supply
    chain," said Appleboum.

    Based on his inspection of the device, Appleboum determined that
    the telecom company's server was modified at the factory where it was manufactured. He said that he was told by Western intelligence contacts
    that the device was made at a Supermicro subcontractor factory in
    Guangzhou ... The tampered hardware was found in a facility that had
    large numbers of Supermicro servers, and the telecommunication company's technicians couldn't answer what kind of data was pulsing through the
    infected one, said Appleboum, who accompanied them for a visual
    inspection of the machine.


    The manipulation of the Ethernet connector appeared to be similar
    to a method also used by the U.S. National Security Agency, details of
    which were leaked in 2013. In e-mails, Appleboum and his team refer to
    the implant as their “old friend,” because he said they had previously
    seen several variations in investigations of hardware made by other
    companies manufacturing in China. -Bloomberg

    In response to the new evidence, Supermicro said in a statement: "The
    security of our customers and the integrity of our products
    are core to our business and our company values. We take care to secure
    the integrity of our products throughout the manufacturing process, and
    supply chain security is an important topic of discussion for our
    industry. We still have no knowledge of any unauthorized components and
    have not been informed by any customer that such components have been
    found. We are dismayed that Bloomberg would give us only limited
    information, no documentation, and half a day to respond to these new allegations."

    Shares of Super Micro dropped as much as 27% in Tuesday trading, and are
    down approximately 45% since October 3, before the initial Bloomberg
    story hit the next day.

    Super Micro strongly refuted the initial Bloomberg report, while both US
    and UK intelligence officials put out statements over the last several
    days in support of Amazon, Apple and Super Micro - who say it never

    As Bloomberg notes - the new manipulation is different from the one
    described last week, however it shares key characteristics: "They're
    both designed to give attackers invisible access to data on a computer
    network in which the server is installed; and the alterations were found
    to have been made at the factory as the motherboard was being produced
    by a Supermicro subcontractor in China."

    Appleboum said that he's consulted with intelligence agencies
    outside the U.S. that have told him they've been tracking the
    manipulation of Supermicro hardware, and the hardware of other
    companies, for some time. In response to the Bloomberg Businessweek
    story, the Norwegian National Security Authority said last week that it
    had been "aware of an issue" connected to Supermicro products since
    June. It couldn't confirm the details of Bloomberg's reporting, a
    statement from the authority said, but it has recently been in dialogue
    with partners over the issue. -Bloomberg

    Manipulated hardware is extremely difficult to detect, which as led intelligence agencies around the world to invest billions of dollars in
    such sabotage. The United States is known to have implemented extensive programs to "seed technology headed to foreign countries with spy
    implants," according to revelations by former CIA employee Edward
    Snowden - however China now appears to be sneaking their own versions
    onto hardware made within their borders.

    Three security experts who have analyzed foreign hardware implants
    for the U.S. Department of Defense confirmed that the way Sepio's
    software detected the implant is sound. One of the few ways to identify suspicious hardware is by looking at the lowest levels of network
    traffic. Those include not only normal network transmissions, but also
    analog signals -- such as power consumption -- that can indicate the
    presence of a covert piece of hardware. -Bloomberg

    The goal of the spy implants is to establish a "covert staging area"
    within sensitive networks, which is what Appleboum says was happening in
    the new case. Once the implant was identified and the server removed,
    Sepio's tream was unable to perform further analysis on the chip.

    One problem, according to national security experts, is that in a cybersecurity industry approaching $100 billion in revenue, very little
    effort has been made to inspect and detect hardware tampering. This has allowed intelligence agencies around the world to manipulate hardware virtually unfettered.

    --- NewsGate v1.0 gamma 2
    * Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)