So did Super Micro’s servers get hacked, or not?
Markets certainly thought so. Super Micro Computer, Inc.’s share price plunged more than 50 percent the same day after that jaw-dropping story broke.
But just how reliable is Bloomberg’s version of events?
A lot of the revelations drawn from the exposé were founded on human testimony. Not a lot of it was rooted in technical analysis. This is a huge blind spot in light of how motherboards were so central to “the big hack”.
Identifying the Missing (Technical) Link
Motherboards are, by design, highly intricate pieces of hardware. So precisely placed are their components that any positional changes, no matter how minute, almost always requires a complete overhaul in design.
This fact raises the question of how plant managers at Chinese subcontracting factories were able to disguise design alterations of the compromised motherboards to accommodate an extra spy chip.
An excerpt from the original Bloomberg story:
The Big Hack: How China Used a Tiny Chip to Infiltrate US Companies
- “In some cases, plant managers were approached by people who claimed to represent Supermicro or who held positions suggesting a connection to the government. The middlemen would request changes to the motherboards’ original designs, initially offering bribes in conjunction with their unusual requests.”
An excerpt from a follow-up Bloomberg story:
New Evidence of Hacked Supermicro Hardware Found in US Telecom
- “Based on his inspection of the device, [Yossi] Appleboum [co-CEO of Sepio Systems, a firm specialising in hardware security] determined that the telecom company’s server was modified at the factory where it was manufactured. He said that he was told by Western intelligence contacts that the device was made at a Supermicro subcontractor factory in Guangzhou, a port city in southeastern China.”
- “To insert our theoretical spy chip on the motherboard would require a complete redesign of the board to create the precise set of connection points required by our chip in precisely the required location. Such a redesign would be no trivial task in itself, but to disguise it in such a way that it could not be detected we believe is highly improbable.”
This is not to say there is no truth to Bloomberg’s report. However, to prove beyond a reasonable doubt that a Chinese hardware hack actually took place, scrutinising how the motherboards were redesigned and how these redesigns were disguised would provide that convincing proof.
Wait! There is plenty more coverage about the Super Micro saga on Smartkarma. Dig deeper by exploring some of the investment research network’s Insights listed below.
More Insights by Smartkarma
Sign up or log in to Smartkarma to read more about Super Micro and the alleged hack’s broader ramifications.
Keating flags other potential irregularities in Bloomberg’s reporting, such as mistaking an isolated 2016 incident at Apple for “the big hack”.
The national security debate erupts. This Insight investigates the truth stirring the debate.
Get a Different Perspective
Sometimes, it helps to take a step back and take a wider look.
“Nothing was ever found,” says Apple’s Vice President for Information Security.
A look at the difficulties and dilemmas journalists face in determining what is “classified” information and what is not.
Stay up-to-date with weekly news, analysis, and Insights from Smartkarma, the Global Investment Research Network.