Late last week, Bloomberg reported about a Chinese spy chip that was allegedly found in SuperMicro servers. Not a lot of hard evidence was provided and now the news agency doubles down with a new claim that a U.S. telecom firm discovered a manipulated Ethernet connector in Supermicro hardware.
Security expert Yossi Appleboum, co-CEO of Sepio Systems, claims they discovered a tiny computer inside a modified Ethernet connector:
Appleboum said one key sign of the implant is that the manipulated Ethernet connector has metal sides instead of the usual plastic ones. The metal is necessary to diffuse heat from the chip hidden inside, which acts like a mini computer. "The module looks really innocent, high quality and 'original' but it was added as part of a supply chain attack," he said.
The goal of hardware implants is to establish a covert staging area within sensitive networks, and that's what Appleboum and his team concluded in this case. They decided it represented a serious security breach, along with multiple rogue electronics also detected on the network, and alerted the client's security team in August, which then removed them for analysis. Once the implant was identified and the server removed, Sepio's team was not able to perform further analysis on the chip.
The report alleges that there are many points in the supply chain in China where manipulations to hardware can be introduced. In a written statement, Supermicro claims they have no knowledge of any unauthorized components and have not been informed by any customers that such components have been found. Appleboum claims Supermicro isn't the only one impacted by this sort of supply chain attack.