Super Micro has found no evidence of malicious microchips on its motherboards, according to a statement by the company that was released to customers today. The audit of Super Micro hardware comes on the heels of a scandalous report that Chinese spies had allegedly installed secret microchips on motherboards that were used in servers operated by giant tech companies like Apple and government agencies like the CIA.
The bizarre report, published by Bloomberg Businessweek this past October after a year-long investigation, alleged that Chinese spies were able to spy on sensitive American servers, but the article was met with immediate and aggressive push-back by the companies involved. Apple and Amazon both issued extremely strong denials and the U.S. Department of Homeland Security said that it had “no reason to doubt” the statements made by Apple and Amazon. The companies have also demanded a retraction of the Bloomberg story, which hasn’t happened.
Reuters reports that the analysis of Super Micro’s hardware was conducted by Nardello & Co. and covered both old motherboards and those that are fresh off the assembly line. Super Micro is also reportedly “reviewing its legal options,” though it’s not immediately clear whether that means the tech company will sue Bloomberg over the story.
The entire saga has left many in the tech world scratching their heads, as Bloomberg Businessweek isn’t known for playing fast and loose with the facts. But if you go back and read the original report from October, it doesn’t mince words about who and what is involved:
The chips had been inserted during the manufacturing process, two officials say, by operatives from a unit of the People’s Liberation Army. In Supermicro, China’s spies appear to have found a perfect conduit for what U.S. officials now describe as the most significant supply chain attack known to have been carried out against American companies.
One official says investigators found that it eventually affected almost 30 companies, including a major bank, government contractors, and the world’s most valuable company, Apple Inc. Apple was an important Supermicro customer and had planned to order more than 30,000 of its servers in two years for a new global network of data centres. Three senior insiders at Apple say that in the summer of 2015, it, too, found malicious chips on Supermicro motherboards. Apple severed ties with Supermicro the following year, for what it described as unrelated reasons.
How could this report, which appears to cite numerous unnamed experts in both the tech industry and the national security apparatus, be so wrong about everything? We still don’t have an answer to any of that, but we’ve reached out to Super Micro for more information about what it found during its audit. We’ll update this article if we learn more.
[Reuters]
Update, 12:18pm: You can read the full statement from Super Micro here.