In 2015, Amazon.com Inc. began quietly evaluating a startup called Elemental Technologies, a potential acquisition to help with a major expansion of its streaming video service, known today as Amazon Prime Video. Based in Portland, Ore., Elemental made software for compressing massive video files and formatting them for different devices. Its technology had helped stream the Olympic Games online, communicate with the International Space Station, and funnel drone footage to the Central Intelligence Agency. Elemental’s national security contracts weren’t the main reason for the proposed acquisition, but they fit nicely with Amazon’s government businesses, such as the highly secure cloud that Amazon Web Services (AWS) was building for the CIA.

To help with due diligence, AWS, which was overseeing the prospective acquisition, hired a third-party company to scrutinize Elemental’s security, according to one person familiar with the process. The first pass uncovered troubling issues, prompting AWS to take a closer look at Elemental’s main product: the expensive servers that customers installed in their networks to handle the video compression. These servers were assembled for Elemental by Super Micro Computer Inc., a San Jose-based company (commonly known as Supermicro) that’s also one of the world’s biggest suppliers of server motherboards, the fiberglass-mounted clusters of chips and capacitors that act as the neurons of data centers large and small. In late spring of 2015, Elemental’s staff boxed up several servers and sent them to Ontario, Canada, for the third-party security company to test, the person says.

Nested on the servers’ motherboards, the testers found a tiny microchip, not much bigger than a grain of rice, that wasn’t part of the boards’ original design. Amazon reported the discovery to U.S. authorities, sending a shudder through the intelligence community. Elemental’s servers could be found in Department of Defense data centers, the CIA’s drone operations, and the onboard networks of Navy warships. And Elemental was just one of hundreds of Supermicro customers.

During the ensuing top-secret probe, which remains open more than three years later, investigators determined that the chips allowed the attackers to create a stealth doorway into any network that included the altered machines. Multiple people familiar with the matter say investigators found that the chips had been inserted at factories run by manufacturing subcontractors in China.

This attack was something graver than the software-based incidents the world has grown accustomed to seeing. Hardware hacks are more difficult to pull off and potentially more devastating, promising the kind of long-term, stealth access that spy agencies are willing to invest millions of dollars and many years to get.

There are two ways for spies to alter the guts of computer equipment. One, known as interdiction, consists of manipulating devices as they’re in transit from manufacturer to customer. This approach is favored by U.S. spy agencies, according to documents leaked by former National Security Agency contractor Edward Snowden. The other method involves seeding changes from the very beginning.

One country in particular has an advantage executing this kind of attack: China, which by some estimates makes 75 percent of the world’s mobile phones and 90 percent of its PCs. Still, to actually accomplish a seeding attack would mean developing a deep understanding of a product’s design, manipulating components at the factory, and ensuring that the doctored devices made it through the global logistics chain to the desired location—a feat akin to throwing a stick in the Yangtze River upstream from Shanghai and ensuring that it washes ashore in Seattle. “Having a well-done, nation-state-level hardware implant surface would be like witnessing a unicorn jumping over a rainbow,” says Joe Grand, a hardware hacker and the founder of Grand Idea Studio Inc. “Hardware is just so far off the radar, it’s almost treated like black magic.”

But that’s just what U.S. investigators found: The chips had been inserted during the manufacturing process, two officials say, by operatives from a unit of the People’s Liberation Army. In Supermicro, China’s spies appear to have found a perfect conduit for what U.S. officials now describe as the most significant supply chain attack known to have been carried out against American companies.

One official says investigators found that it eventually affected almost 30 companies, including a major bank, government contractors, and the world’s most valuable

Bloomberg Businessweek

October 8, 2018

The Big Hack

An investigative report

By Jordan Robertson and Michael Riley

Photographs by Victor Prado

Illustrations by Scott Gelber