DataCenterNews Asia Pacific logo
Specialist data center news for Asia Pacific
Story image

Chinese espionage: Sweating Apple insists breach allegations are ‘not true’

FYI, this story is more than a year old

Bloomberg's report suggesting Chinese espionage within some of America's largest tech companies exploded onto the headlines last week, and the aftershocks will undoubtedly continue for some time yet.

Some of the biggest companies in the world were implicated in the potentially crippling report that claimed Supermicro chips had been infected by Chinese spies and installed within the inner sanctums of massive global companies like Amazon and Apple.

In the wake of these findings, Supermicro's stocks collapsed more than 50 percent, although they have begun crawling back a few points as the dust settles.

Supermicro, Amazon, and Apple all vehemently opposed the report from Bloomberg and asserted it to be quite simply, false. Bloomberg has stood by its report, which apparently is based off more than a year of investigation and 100 interviews, with input from multiple former and current Apple and Amazon employees, in addition to current and former US national security officials.

Now Apple has followed up with a public letter to US Congress, signed off by Apple Information Security vice president George Stathakopoulos – and he wasted no time in rubbishing Bloomberg's claims.

“You should know that Bloomberg provided us with no evidence to substantiate their claims and our internal investigations concluded their claims were simply wrong,” says Stathakopoulos.

“We are eager to share the facts in this matter because, were this story true, it would rightly raise grave concerns. A compromise of this magnitude, and the effective deployment of malicious chips like the one described by Bloomberg, would represent a serious threat to the security of systems at Apple and elsewhere.

Stathakopoulos says ever since Apple was first contacted by Bloomberg's reports in October last year, the company has been working ‘diligently' to sort out the allegations, constantly in communication with Bloomberg and answering all of their questions.

“We methodically dispelled the often-shifting nature of their claims. While we repeatedly asked them to share specific details about the alleged malicious chips that they seemed certain existed, they were unwilling or unable to provide anything more than vague secondhand accounts,” says Stathakopoulos.

“We were struck by the fact that the gravity and magnitude of the claims seemed to be undermined by their uncertainty around key details. Nevertheless, we worked tirelessly to ascertain whether these claims were true or, failing that, if anything even like them were true.

Stathakopoulos says that in the end, Apple's own investigations contradict every single consequential conclusion made in the article.

“Apple has never found malicious chips, “hardware manipulations” or vulnerabilities purposely planted in any server. We never alerted the FBI to any security concerns like those described in the article, nor has the FBI ever contacted us about such an investigation,” says Stathakopoulos.

“Our frustration is animated by the fact that we share your rightful focus on cybersecurity and the integrity of the global supply chain. We understand that, though this story only relates to our enterprise hardware, Americans are justly concerned about how supply chain security affects the consumer products they use every day.

Stathakopoulos then goes on to stress all the procedures the company takes to prevent situations like what Bloomberg has implied. This includes working with multiple vendors that all undergo a rigorous review process, multiple layers of security, an experienced security team, and ongoing vulnerability scans, patching, and security reviews.

Furthermore, in Bloomberg's implied scenario the compromised servers were allegedly making outbound connections. Stathakopoulos says this simply wouldn't be possible as the company's proprietary security tools are scanning continuously for this exact kind of traffic as it indicates the presence of malware or other malicious activity.

“Today, individuals, communities, and nations depend on the security and integrity of our shared technological infrastructure,” says Stathakopoulos.

“We at Apple hold this responsibility sacrosanct, and we will continue to dedicate intense focus on keeping ahead of the hackers, cybercriminals, and even nation states that hope to steal data and harm user faith in the potential of technology to build a better world.

To add weight to Apple's claims, over the weekend the US Department of Home Security joined the UK's National Cyber Security Centre, with the duo claiming they had no reason to doubt the statements from the companies named in the report.

Despite this comprehensive letter to Congress and the government assertions, Bloomberg is standing by its reporting. In the original release the report underlined:

"The companies' denials are countered by six current and former senior national security officials, who—in conversations that began during the Obama administration and continued under the Trump administration—detailed the discovery of the chips and the government's investigation. One of those officials and two people inside AWS provided extensive information on how the attack played out at Elemental and Amazon; the official and one of the insiders also described Amazon's cooperation with the government investigation. In addition to the three Apple insiders, four of the six US officials confirmed that Apple was a victim. In all, 17 people confirmed the manipulation of Supermicro's hardware and other elements of the attacks."

So the question is, who do you believe? We'll keep you updated, as with all the big trees being shaken there is bound to be something else to drop.

Related stories
Top stories
Story image
5G
Mavenir integrates cloud-native 5G offerings with Google Cloud infrastructure
Mavenir has integrated its cloud-native 5G products with public cloud infrastructure on Google Cloud, expanding the company’s ‘One Network, Any Cloud All Software’ strategy.
Story image
Data Protection
iseek acquires south Australian data centre, YourDC
The acquisition broadens iseek’s co-location, cloud, and connectivity offering to seven data centres across Brisbane, Northern Queensland, Sydney, and Adelaide.
Story image
Microsoft
Putting the data horse ahead of the technology cart
There’s one question I often ask myself: Are we over-indexing on thinking about technology rather than data?
Story image
Artificial Intelligence
Versa announces partnership with Nabiq to deliver 5G services
Versa’s VOS enables a unique approach to 5G edge solutions by combining virtual machines with SASE multi-tenancy to enable 5G UPF data plane
Story image
Data analytics
COVID-19 relief innovation takes 2022 SAS Hackathon crown
In COVID-19’s wake, more than 287,000 MSMEs joined JakPreneur, a collaborative government platform that links entrepreneurs and stakeholders
Story image
Data Centre Cooling
The world is heating up, but data centres should keep their cool
With the world heating up, the challenge of keeping data centres cool becomes more complex, expensive and power intensive.
Story image
Sustainable IT
Equinix partners NUS to use hydrogen tech in data centres
The partners will develop hydrogen fuel technologies for green data centres in tropical climates, and for use in Equinix’s global network.
Story image
IT Automation
Juniper Networks announces expansion of Apstra Software with Apstra Freeform
The newly announced Apstra Freeform technology will give customers the ability to manage and automate operations for data centers regardless of the architecture.
Story image
Software-as-a-Service
Cloudera launches all-in-one data lakehouse cloud service
CDP One makes it faster, easier and less risky for businesses to move to the cloud and migrate existing workloads to a modern data architecture.
Aws Marketplace
Learn how to implement a backup and recovery plan for a new generation of Kubernetes-based modern applications
Link image
Story image
IT infrastructure
Bentley Systems announces finalists for the 2022 Going Digital Awards in Infrastructure
The company says that this annual awards program honours the work of Bentley software users who are advancing infrastructure design, construction, and operations throughout the world.
Story image
Update
InterSystems releases updates to its IRIS data platform
Provider of next-generation solutions InterSystems has announced a series of new releases to its award-winning InterSystems IRIS data platform.
Story image
Google Cloud Platform
Google Cloud to open first cloud region in NZ - among others
Google Cloud has announced plans to bring three new cloud regions, one each in New Zealand, Malaysia and Thailand.
Story image
Sustainable IT
New report calls for tighter guidelines on data centre sustainability
A new Cushman & Wakefield report is calling for water consumption and carbon emissions to be measured in addition to power usage.
Story image
Optical Networking
NEC predicts AON as a next-generation infrastructure
NEC's open optical transmission devices support multi-vendor configurations, allowing customers to procure and combine equipment from multiple vendors.
Story image
Data Centre Maintenance / Management
Schneider Electric backs new Leading Edge data centre in Australia
As a result of the new project, regional Australian businesses and communities will likely have greater access to distributed cloud networks.
Story image
No-code
Eradicating ‘App Fatigue’ and retention problems through implementing no-code ITSM
Almost always, simplicity is best. Intuitive designs and practical workflows are the keys to preventing fatigue.
Story image
Digital Transformation
NEXTDC opens $1b+ next gen sovereign data centre in Sydney
Australian data centre as a service provider has officially opened S3, its largest Sydney development to date. 
Story image
Data Protection
iseek secures Queensland Government data centre contract
iseek secures the Queensland Government's core network data centre as-a-service contract after a competitive procurement process undertaken by the CITEC.
Story image
Hyperscale
Growth in hyperscale data centres to increase shortage of IT workers
New Zealand's tech worker capacity is set to come under increasing pressure as the number of hyperscale data centres grows.
Story image
Sustainable IT
Empyrion DC announces 40MW green data center in South Korea
Empyrion DC has announced it is developing a 40MW green data center in Gangnam, Seoul, South Korea (GDC).
Story image
Startup
Zetaris is changing the way we think about data virtualisation
Zetaris was launched on the Microsoft Marketplace and Ingram Micro Cloud Marketplace in Australia in 2020 and has since expanded into nine global markets.
Story image
Melbourne
Equinix invests $23m to expand ME2 data centre in Melbourne
Equinix has completed the second phase expansion of its ME2 International Business Exchange data centre, located in Port Melbourne.
AWS Marketplace
Whitepaper: A practical guide for mitigating risk in today’s modern applications
Link image
Story image
Storage
DCI Data Centers breaks ground on AKL02 center
DCI Data Centers has commenced construction on Auckland's largest data center.
Story image
Gartner
SnapLogic named Visionary in two Magic Quadrant categories
SnapLogic has announced that it is the only iPaaS (Integrated Platform as a Service) vendor to be named a Visionary in two Magic Quadrant categories.
Story image
Edge Computing
NTT launches Edge-as-a-Service to accelerate automation
"Minimum latency, maximum processing power, and global coverage are exactly what enterprises need to accelerate their digital transformation journeys.”
Story image
Data center
Australia’s data centre pioneer still leading after 22 years
We look at the fascinating success of Macquarie data centre's over its 22 year life span and how they continue to innovate in a highly contested sector.
Story image
Software-as-a-Service
Honeywell launches Data Center Suite for business outcomes
Honeywell has launched its Data Center Suite, a portfolio of outcome-based software offerings to help data centre managers and owners.
Story image
Data
Talend announces support for Amazon Redshift Serverless
Talend has announced its support for Amazon Redshift Serverless, with the company saying the integration reinforces its commitment and leadership in supporting businesses.
Story image
Storage
Seagate announces next gen advanced storage arrays
The new Exos X systems feature up to twice the performance of the previous generation and enhanced enterprise-class durability, the company states.
Story image
Digital Transformation
Nanyang Technological University Singapore builds digital brand presence
Leveraging the customisation features of Sitefinity DX, non-technical users could upload content and create design pages and boost work productivity. 
Story image
Software Defined Wide Area Network
Axiata, Versa Networks partner for enterprise SASE in Asia
Axiata has partnered with Versa Networks to deliver Secure Access Service Edge (SASE) technology to rapidly digitalising Asian enterprises.
Story image
5G
Worldwide 5G mobile data traffic exploding - report
"With 5G, there is a wider range of deployment scenarios, forcing vendors to provide comprehensive solutions to support every need."
Story image
Network Infrastructure
Vertiv launches solutions to better manage edge computing
Vertiv has introduced new power and cooling solutions for the edge of the network, including the addition of lithium-ion models to a leading on-line UPS family.
Story image
Multi-cloud
VMware advances multi-cloud management with VMware Aria
Managing apps and infrastructure in a multi-cloud, especially public cloud, and multi-technology environment is complex.
Story image
Digital Transformation
NTT launches its Cyberjaya 6 data center in Malaysia
NTT expands its hyperscaler footprint in Malaysia with its sixth data center facility, supporting the growing digital economy.
Story image
Machine learning
Oracle announces MySQL HeatWave for Amazon Web Services
MySQL HeatWave is a service that combines OLTP, analytics, machine learning, and machine learning-based automation. 
Story image
Data analytics
Srisawan Hospital to enhance patient experience with InterSystems TrakCare
The new Srisawan Hospital in Bangkok has chosen InterSystems TrakCare to help create enhanced patient experiences and promote further digital engagement.
Story image
Cloud
SoftIron announces its newest flagship offering, HyperCloud
SoftIron has announced HyperCloud, the world's first full turnkey, completely integrated and supported Intelligent Cloud Fabric and the company's newest flagship offering.
Story image
Superloop
Stellar financial result after major strategic moves by Superloop
We get a glimpse under the hood at the financial results from 2022 for the connectivity giant Superloop.
Story image
Microsoft
VMware extends collaboration with Microsoft for enterprise workloads in Azure
Mutual customers will have the choice to purchase Azure VMware Solution through the VMware Cloud Universal program.