Skip to main content
The Globe and Mail
Support Quality Journalism.
The Globe and Mail
First Access to Latest
Investment News
Collection of curated
e-books and guides
Inform your decisions via
Globe Investor Tools
Just$1.99
per week
for first 24 weeks

Enjoy unlimited digital access
Enjoy Unlimited Digital Access
Get full access to globeandmail.com
Just $1.99 per week for the first 24 weeks
Just $1.99 per week for the first 24 weeks
var select={root:".js-sub-pencil",control:".js-sub-pencil-control",open:"o-sub-pencil--open",closed:"o-sub-pencil--closed"},dom={},allowExpand=!0;function pencilInit(o){var e=arguments.length>1&&void 0!==arguments[1]&&arguments[1];select.root=o,dom.root=document.querySelector(select.root),dom.root&&(dom.control=document.querySelector(select.control),dom.control.addEventListener("click",onToggleClicked),setPanelState(e),window.addEventListener("scroll",onWindowScroll),dom.root.removeAttribute("hidden"))}function isPanelOpen(){return dom.root.classList.contains(select.open)}function setPanelState(o){dom.root.classList[o?"add":"remove"](select.open),dom.root.classList[o?"remove":"add"](select.closed),dom.control.setAttribute("aria-expanded",o)}function onToggleClicked(){var l=!isPanelOpen();setPanelState(l)}function onWindowScroll(){window.requestAnimationFrame(function() {var l=isPanelOpen(),n=0===(document.body.scrollTop||document.documentElement.scrollTop);n||l||!allowExpand?n&&l&&(allowExpand=!0,setPanelState(!1)):(allowExpand=!1,setPanelState(!0))});}pencilInit(".js-sub-pencil",!1); // via darwin-bg var slideIndex = 0; carousel(); function carousel() { var i; var x = document.getElementsByClassName("subs_valueprop"); for (i = 0; i < x.length; i++) { x[i].style.display = "none"; } slideIndex++; if (slideIndex> x.length) { slideIndex = 1; } x[slideIndex - 1].style.display = "block"; setTimeout(carousel, 2500); } //

Apple Inc. and Amazon.com Inc. denied a Bloomberg report on Thursday that their systems had been infiltrated by malicious computer chips inserted by Chinese intelligence, according to statements from the companies released by Bloomberg.

Bloomberg Businessweek cited 17 unidentified intelligence and company sources as saying that Chinese spies had placed computer chips inside equipment used by about 30 companies and multiple U.S. government agencies, which would give Beijing secret access to internal networks.

Representatives of Apple, the FBI and Department of Homeland Security could not be reached for comment by Reuters. A National Security Agency spokeswoman said she had no immediate comment.

Story continues below advertisement

China’s Ministry of Foreign Affairs did not respond to a written request for comment. Beijing has previously denied allegations of orchestrating cyber attacks against Western companies.

Apple said it had refuted “virtually every aspect” of the story in on-record responses to Bloomberg. “Apple has never found malicious chips, ‘hardware manipulations’ or vulnerabilities purposely planted in any server,” the company said. Amazon Web Services (AWS) said it found no issues.

Bloomberg said its report was accurate.

“Seventeen individual sources, including government officials and insiders at the companies, confirmed the manipulation of hardware and other elements of the attacks,” Bloomberg said in a statement. “We stand by our story and are confident in our reporting and sources.”

The story reported that malicious chips were planted by a unit of the Chinese People’s Liberation Army, which infiltrated the supply chain of computer hardware maker Super Micro Computer Inc. The operation is thought to have been targeting valuable commercial secrets and government networks, the news agency said.

In a blog post on the Bloomberg report, Amazon Web Services said: “At no time, past or present, have we ever found any issues relating to modified hardware or malicious chips in Super Micro motherboards in any Elemental or Amazon systems. Additionally, we have not engaged in an investigation with the government.”

Super Micro Computer shares fell 38 per cent to $13.26 in Pink Sheet trading. They had fallen as low as $8.50 earlier in the session.

Story continues below advertisement

San Jose, California-based Super Micro said it strongly denies reports that servers it sold to customers contained malicious microchips in the motherboards of those systems. It said it has never found any malicious chips, has not been informed by any customer that such chips have been found, and has never been contacted by any government agencies on the matter.

Bloomberg reported that AWS uncovered the malicious chips in 2015 when examining servers manufactured by a company known as Elemental Technologies, which AWS eventually acquired.

The investigation found that Elemental servers, which were assembled by Super Micro, were tainted with tiny microchips that were not part of their design, Bloomberg said. Amazon reported the matter to U.S. authorities, who determined that the chips allowed attackers to create “a stealth doorway” into networks using those servers, the story said.

AWS told Bloomberg it had re-reviewed its records related to the Elemental acquisition and “found no evidence to support claims of malicious chips or hardware modifications.”

Bloomberg also reported that Apple in 2015 found malicious chips in servers it purchased from the hardware maker, then stopped doing business with Super Micro in 2016 for reasons that were not related, citing three unidentified company insiders.

Apple denied the account, saying it had investigated the claims.

Story continues below advertisement

“On this, we can be very clear: Apple has never found malicious chips, ‘hardware manipulations’ or vulnerabilities purposely planted in any server,” Apple told Bloomberg.

The report coincides with the increasing concerns of authorities in the United States about foreign intelligence agencies infiltrating U.S. government agencies and private companies via so-called “supply chain attacks,” particularly from China where many global tech firms outsource their manufacturing.

The U.S. government on Wednesday warned that a hacking group widely known as cloudhopper, which Western cybersecurity firms have linked to the Chinese government, has launched attacks on technology service providers in a campaign to steal data from their clients.

Two prominent U.S. cybersecurity companies warned this week that Chinese hacking activity has surged amid a trade war between Washington and Beijing.

Your Globe

Build your personal news feed

  1. Follow topics and authors relevant to your reading interests.
  2. Check your Following feed daily, and never miss an article. Access your Following feed from your account menu at the top right corner of every page.

Follow topics related to this article:

View more suggestions in Following Read more about following topics and authors
Report an error
Tickers mentioned in this story
Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

If you do not see your comment posted immediately, it is being reviewed by the moderation team and may appear shortly, generally within an hour.

We aim to have all comments reviewed in a timely manner.

Comments that violate our community guidelines will not be posted.

Read our community guidelines here

Discussion loading ...

To view this site properly, enable cookies in your browser. Read our privacy policy to learn more.
How to enable cookies