From: Virus Guy <Virus@Guy.C0M>

New Evidence Of Chinese Spy Hardware Found By Ex-Mossad Investigators; 
Super Micro Shares Plunge

Tue, 10/09/2018 - 12:15

A major US telecommunications company found "manipulated" hardware from 
Super Micro Computer Inc. in its network in August - bolstering claims 
in a Bloomberg report last week alleging that China installed bugging 
devices on hardware bought by Apple, Amazon and a host of other companies.

According to a new report by Bloomberg, the unnamed telecom company 
hired former Israeli Intelligence Corps security expert Yossi Appleboum, 
now of Maryland-based Sepio Systems, who provided "documents, analysis 
and other evidence of the discovery" following last week's report 
detailing how China's intelligence agencies had ordered subcontractors 
to install malicious chips in Super Micro motherboards between 2013 and 
2015.

Sepio Systems' board includes former Mossad director, Tamir Pardo, and 
its advisory board includes former CIA chief information security 
officer Robert Bigman.

     Israeli Army Intelligence Corps and is now co-chief executive 
officer of Sepio Systems in Gaithersburg,  Maryland. His firm 
specializes in hardware security and was hired to scan several large 
data centers belonging to the telecommunications company.

     Bloomberg is not identifying the company due to Appleboum's 
nondisclosure agreement with the client. Unusual communications from a 
Supermicro server and a subsequent physical inspection revealed an 
implant built into the server's Ethernet connector, a component that's 
used to attach network cables to the computer, Appleboum said. -Bloomberg

Appleboum says that Super micro "is a victim -- so is everyone else," 
and that he has seen "similar manipulations of different vendors' 
computer hardware made by contractors in China," according to Bloomberg. 
He adds that his concern is that there are numerous points in the supply 
chain in China where hardware can be manipulated - which are virtually 
impossible to track down. "That's the problem with the Chinese supply 
chain," said Appleboum.

     Based on his inspection of the device, Appleboum determined that 
the telecom company's server was modified at the factory where it was 
manufactured. He said that he was told by Western intelligence contacts 
that the device was made at a Supermicro subcontractor factory in 
Guangzhou ... The tampered hardware was found in a facility that had 
large numbers of Supermicro servers, and the telecommunication company's 
technicians couldn't answer what kind of data was pulsing through the 
infected one, said Appleboum, who accompanied them for a visual 
inspection of the machine.

     ...

     The manipulation of the Ethernet connector appeared to be similar 
to a method also used by the U.S. National Security Agency, details of 
which were leaked in 2013. In e-mails, Appleboum and his team refer to 
the implant as their ôold friend,ö because he said they had previously 
seen several variations in investigations of hardware made by other 
companies manufacturing in China. -Bloomberg

In response to the new evidence, Supermicro said in a statement: "The 
security of our customers and the integrity of our products
are core to our business and our company values. We take care to secure 
the integrity of our products throughout the manufacturing process, and 
supply chain security is an important topic of discussion for our 
industry. We still have no knowledge of any unauthorized components and 
have not been informed by any customer that such components have been 
found. We are dismayed that Bloomberg would give us only limited 
information, no documentation, and half a day to respond to these new 
allegations."

Shares of Super Micro dropped as much as 27% in Tuesday trading, and are 
down approximately 45% since October 3, before the initial Bloomberg 
story hit the next day.

Super Micro strongly refuted the initial Bloomberg report, while both US 
and UK intelligence officials put out statements over the last several 
days in support of Amazon, Apple and Super Micro - who say it never 
happened.

As Bloomberg notes - the new manipulation is different from the one 
described last week, however it shares key characteristics: "They're 
both designed to give attackers invisible access to data on a computer 
network in which the server is installed; and the alterations were found 
to have been made at the factory as the motherboard was being produced 
by a Supermicro subcontractor in China."

     Appleboum said that he's consulted with intelligence agencies 
outside the U.S. that have told him they've been tracking the 
manipulation of Supermicro hardware, and the hardware of other 
companies, for some time.  In response to the Bloomberg Businessweek 
story, the Norwegian National Security Authority said last week that it 
had been "aware of an issue" connected to Supermicro products since 
June.  It couldn't confirm the details of Bloomberg's reporting, a 
statement from the authority said, but it has recently been in dialogue 
with partners over the issue. -Bloomberg

Manipulated hardware is extremely difficult to detect, which as led 
intelligence agencies around the world to invest billions of dollars in 
such sabotage. The United States is known to have implemented extensive 
programs to "seed technology headed to foreign countries with spy 
implants," according to revelations by former CIA employee Edward 
Snowden - however China now appears to be sneaking their own versions 
onto hardware made within their borders.

     Three security experts who have analyzed foreign hardware implants 
for the U.S. Department of Defense confirmed that the way Sepio's 
software detected the implant is sound. One of the few ways to identify 
suspicious hardware is by looking at the lowest levels of network 
traffic. Those include not only normal network transmissions, but also 
analog signals -- such as power consumption -- that can indicate the 
presence of a covert piece of hardware. -Bloomberg

The goal of the spy implants is to establish a "covert staging area" 
within sensitive networks, which is what Appleboum says was happening in 
the new case. Once the implant was identified and the server removed, 
Sepio's tream was unable to perform further analysis on the chip.

One problem, according to national security experts, is that in a 
cybersecurity industry approaching $100 billion in revenue, very little 
effort has been made to inspect and detect hardware tampering. This has 
allowed intelligence agencies around the world to manipulate hardware 
virtually unfettered.

https://www.zerohedge.com/news/2018-10-09/new...
nd-ex-mossad-investigators-super-micro-shares
--- NewsGate v1.0 gamma 2
 * Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)