Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
China Caught Red-Handed Inserting Backdoors Into Hardware
#3
https://www.extremetech.com/computing/27...us-telecom
Quote:But Bloomberg isn’t just standing by its previous reporting. It’s pushing ahead. The organization notes that a US telecom discovered and removed manipulated SuperMicro servers from its network in August. Bloomberg spoke to security expert Yossi Appleboum, who worked for the telecom in question and reportedly provided documents, analysis, and additional evidence for his claims.
...
According to Bloomberg, the attacks detailed today aren’t identical to the earlier variants that were discussed but share certain key characteristics, namely: “They’re both designed to give attackers invisible access to data on a computer network in which the server is installed; and the alterations were found to have been made at the factory as the motherboard was being produced by a SuperMicro subcontractor in China.”

Appleboum was able to determine that the device was tampered with at the factory where it was manufactured and that the hardware was built by a SuperMicro subcontractor in Guangzhou. The poisoned hardware was found in a facility with a number of SuperMicro servers deployed inside it, but it’s not clear what data was running on the server, specifically. Bloomberg notes that the analysis of the hardware it has found was handled by the FBI’s cyber and counterintelligence teams rather than Homeland Security, which may explain why DHS had no knowledge of the allegations. Appleboum claims to have consulted with firms outside the US, and they’ve confirmed to him that they’ve been tracking the manipulation of SuperMicro hardware for quite some time.
...
These details suggest an attack vector more plausible than a piece of equipment soldered to the motherboard or hidden inside the PCB. A component hidden inside an Ethernet jack would be much more difficult to detect. And the new details should shed light on how the attack was supposedly carried out and implemented, helping to answer the question of what took place and what needs to be done about it.
Reply


Messages In This Thread
RE: China Caught Red-Handed Inserting Backdoors Into Hardware - by SteelCrysis - 10-10-2018, 07:38 PM

Forum Jump:


Users browsing this thread: 1 Guest(s)