From: Virus Guy <Virus@Guy.C0M>

Juergen Nieveler wrote:

> The supposed implant would affect the BMC - which normally wouldn't be 
> exposed to the Internet (as, in fact, no part of a critically sensitive 
> server would be).
> 
> Wake me up when they explain how an attacker gets into a closed network 
> from the outside...

It's not that someone on the outside is getting in.

It's that a trojan horse, baked into the motherboard, can communicate 
with something on the outside.  Now how you do that and not be seen 
under presumably intense traffic analysis, I don't know.

==============

Bloomberg Reports China Infiltrated the Supermicro Supply Chain We 
Investigate

October 4, 2018

https://www.servethehome.com/wp-content/uploa...
Supermicro SBI-7128RG-X

Bloomberg today came out with an industry shocker. The Big Hack: How 
China Used a Tiny Chip to Infiltrate U.S. Companies. In that article, 
Bloomberg reports that the PLA managed to infiltrate Supermicro's supply 
chain and add small chips that allowed Chinese agencies to hack into 30 
companies such as Apple and Amazon. The company also published, in a 
different article, statements from Amazon, Apple, and Supermicro 
strongly rebutting the story. See The Big Hack: Statements From Amazon, 
Apple, Supermicro, and the Chinese Government. Something is certainly 
strange here, and at STH, we review more server platforms than anywhere 
else on the Internet, including those from Supermicro. We also, by 
chance, started diving into the BMC security space more recently so it 
is clearly time to investigate.

What is this hack?

According to Bloomberg, the hack involves a small IC inserted into the 
Supermicro motherboard PCB. In previous generations, this would have 
been a surface mount component. The story claims current generations 
have these devices embedded in PCB.

There, of course, has to be much more than a simple chip. That chip 
needs to tap into electrical signals both for power and for data 
transfer. That means that not only must a component be inserted, but 
also PCB wires. Bloomberg says it is in line with memory to CPUs to 
intercept some password validation code. By changing this code in Linux, 
it allows remote attackers to access the servers and potentially phone home.

That is a little strange frankly from a technical standpoint. Where 
could these chips be located?

DRAM memory traces are very complex. 288 pins per DDR4 DRAM module (not 
all are data of course), times 8 modules per CPU times two CPUs and that 
is a lot of pins to monitor from such a small IC. Even in the older 
240-pin DDR3 generation, with 16 modules there is no way a small IC can 
monitor that many wires. Also, memory traces in motherboards are often 
an area where PCB designers spend a lot of time to get correct lengths 
and timings on the wires. Inserting a small IC would not be the easiest 
feat there.

The other candidates are more probable. The first is using the onboard 
SATADOM wires. SATADOMs are small flash memory devices used to load base 
operating systems. SATA cables are 7-pin designs with three ground wires 
and two A/B +/- pairs. Supermicro SATADOM connectors have an extra power 
capability.


https://www.servethehome.com/wp-content/uploa...
N2F-SATA-and-Oculink.jpg
Supermicro X11SDV 4C TLN2F SATA And Oculink


This would be a lower pin count option to exploit. The problem, of 
course, is that most large shops encrypt data on the SATADOMs. Most 
SATADOMs do not have self-encrypting capabilities which means it is host 
encryption. The Bloomberg article said that the hardware would intercept 
storage to CPU transfers. If the data is encrypted when transferred, it 
would be nearly impossible in that IC footprint to crack reasonable 
encryption and change the OS in-line.

The final, and perhaps most likely vector would be the BMC. We have a 
piece Explaining the Baseboard Management Controller or BMC in Servers. 
A hardware chip that could impact the BMC firmware is more probable.

https://www.servethehome.com/wp-content/uploa...
EED-2400-BMC.jpg
ASRock EPC612D8A-TB ASPEED 2400 BMCASRock EPC612D8A-TB ASPEED 2400 BMC


Each BMC has local storage ever since the 1998 IPMI 1.0 spec was announced.


https://www.servethehome.com/wp-content/uploa...
-1998-BMC.jpg
Intel IPMI V1 September 1998 BMCIntel IPMI V1 September 1998 BMC


This is generally a very small flash module for storage, often a few MB 
in size. The BMC usually runs a flavor of Linux. Getting root access to 
the BMC is bad, but it is not the same as getting full access to the 
main server OS.


https://www.servethehome.com/wp-content/uploa...
jpg
ASPEED AST2500 DiagramASPEED AST2500 Diagram


The BMC has root console access to the server. It is on before the 
server boots. It can mount media and has network access. Think of it as 
an administrator sitting at the machine, but bringing that functionality 
anywhere in the world.

BMCs are amazingly hacked devices. The Bloomberg story's comments from 
Amazon and Apple both point to the BMC and IPMI firmware/ management 
interfaces. We think this is the most likely vector.

The bad news is that BMC's are extremely dangerous. They are also 
pervasive with a few points under 100% of servers having them these 
days. The Bloomberg article cites the well-known Supermicro BMC/ IPMI 
vulnerabilities. Supermicro is not alone. Every Dell EMC PowerEdge 
server (edit: 13th generation and older, the new 14th generation has a 
fix to prevent this) has a local and remote exploit available that the 
company can mitigate with patches, but cannot fix. We broke this story 
with iDRACula.  If you think you are safe with HPE or Lenovo servers, 
here are BMC vulnerabilities for other vendors.

https://www.blackhat.com/us-18/briefings/sche...
htness-of-bmcs-10035

The security community, as a whole, knows that BMCs are both useful if 
not mandatory in today's infrastructure. As a result, the security 
community, and major hyper-scale vendors are putting a lot of effort in 
researching security solutions.

One of the more interesting bits is that if it is a BMC vulnerability or 
anything that ôphones homeö over a network interface, one would expect 
that security researchers would have seen it. There are companies that 
put boxes on networks just to see what network traffic they create. 
Supermicro tends to build common designs that it ships to multiple 
customers. It would be slightly interesting if only some Supermicro 
servers, e.g. for certain customers were impacted. If China did not do 
this, it would have been caught earlier. If China did limit to a few 
customers, it would be difficult to target them at PCB. As we will show 
shortly, Supermicro PCBs are used across products.

Bottom line, if this Supermicro attack vector is to the BMC, then the 
Bloomberg story is no bigger than the Dell EMC PowerEdge iDRACula story 
or any others. Saying there is a vulnerability in a BMC is like saying 
the sun is hot.
Some higher-resolution areas of MicroBlade BMCs

We had some similar generation Supermicro MicroBlades where we could 
provide higher-resolution photos of their BMC areas. This is where the 
hacked chips are located on the board that Bloomberg depicts. This also 
shows that a Supermicro PCB is spun for multiple products. That makes it 
extremely difficult to target a specific customer at the time of PCB 
construction. Here we have two different products built on the same 
underlying PCB.

For our less technical readers, this is what the actual PCB looks like. 
For our more technical readers, you may want to see for yourself.

Here are two MicroBlades of that era the Supermicro B1SD1-TF and the 
B1SD2-TF. The ô2ö represents that the PCB houses two complete server 
nodes. We highlight this because if the attack is present on this 
platform, presumably it would require a second inserted chip which would 
not be required on the B1SD1-TF.

https://www.servethehome.com/wp-content/uploa...
-Area.jpg


There are a ton of ICs there. I know we have STH readers who will want 
to look. Have at it.
The Counterpoint Published Outside of the Main Story

Bloomberg posts statements from companies, not in their main article, 
but linked in a separate article.

Amazon, Apple, and Supermicro all deny that this is happening.

Just for a taste, here is an excerpt from Apple's statement:

ôWe are deeply disappointed that in their dealings with us, Bloomberg's 
reporters have not been open to the possibility that they or their 
sources might be wrong or misinformed. Our best guess is that they are 
confusing their story with a previously-reported 2016 incident in which 
we discovered an infected driver on a single Super Micro server in one 
of our labs. That one-time event was determined to be accidental and not 
a targeted attack against Apple.ö (Source: Bloomberg/ Apple)

This is a little strange. All three are public companies. A simple ôno 
commentö would have sufficed. Or a ôwe would not be allowed to comment 
on your classified source storyö perhaps. Supermicro one can dismiss 
their lack of knowledge to perhaps the intelligence community not 
wanting to alert anyone there. Apple and Amazon went beyond a simple ôno 
recollectionö or ôno commentö type response. They should not be allowed 
to make these types of responses if they are untrue since they would be 
potentially misleading investors. Even if they could not speak about the 
issues, they did not have to go into the depth that they did.

Indeed, when we broke iDRACula the persistent (with mitigations) 
non-fixable Dell EMC PowerEdge issue impaction tens of millions of their 
servers, we held the entire story while Dell EMC's confirmation went 
through legal and management approvals. Having just broken a similar 
story, the responses from parties are in an absolutely sharp contrast.
Where the Bloomberg Piece Makes No Sense

There is one area where the Bloomberg piece makes no sense. Supermicro 
servers are procured for US Military contracts and use to this day. 
Supermicro's government business is nowhere near a large as some other 
vendors, but there are solutions providers who sell Supermicro platforms 
into highly sensitive government programs.

If the FBI, or other intelligence officials, had reason to believe 
Supermicro hardware was compromised, then we would expect it would have 
taken less than a few years for this procurement to stop.

Assuming the Bloomberg story is accurate, that means that the US 
intelligence community, during a period spanning two administrations, 
saw a foreign threat and allowed that threat to infiltrate the US 
military. If the story is untrue, or incorrect on its technical merits, 
then it would make sense that Supermicro gear is being used by the US 
military.
Final Words

First and foremost, I think we need to call for an immediate SEC 
investigation around anyone who has recently taken short positions or 
sold shares in Supermicro. With the accompanying Supermicro stock price 
hit that was foreseeable prior to the story, if anyone knew the story 
would be published, and acted on that non-public or classified 
information, the SEC needs to take action. There seems to have been over 
20 people that knew about this.

Further, with public companies making statements on the impact, unless 
there is a valid national security/ classified reason that they gave the 
responses they did, there is a mismatch. Apple and Amazon did not say 
ôno commentö they called Bloomberg's account false. The SEC needs to 
investigate here as well to see if these were publicly misleading 
statements.

Second, we need a formal investigation into why, if this is a true and 
serious threat, why it was not flagged in military procurement years ago.

There are parts of the Bloomberg story, the rebuttals from Amazon, 
Apple, and Supermicro, and logical reasoning which point to one key 
takeaway: server security is a big deal. Perhaps the bigger takeaway is 
that this is a 21st-century battleground that is active every day. 
Government agencies from China, the US, Russia, Israel, and others all 
have ways to impact servers and more broadly computing devices. We know 
the Intel management engine has been compromised. There are reports of 
Lenovo laptops phoning home data. It would be naive to think that any 
major world power is not working to get information from compute devices 
whether they are from Supermicro or another vendor. It is probably 
better to assume your server is compromised and start with that.

https://www.servethehome.com/bloomberg-report...
-supply-chain-we-investigate/

=================

A couple of interesting comments at the end of the above story:

-It's interesting that Supermicro was delisted from NASDAQ 2 months ago 
and this happened afterwards.


-SuperMicro stock today  12.60 -8.80 -41.12%
-so down 41% says someone believes the article to be true.

--- NewsGate v1.0 gamma 2
 * Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)