The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies

Discussion in 'Cyber Security' started by fenderman, Oct 4, 2018.

Share This Page

  1. fenderman

    fenderman Staff Member

    Joined:
    Mar 9, 2014
    Messages:
    27,367
    Likes Received:
    7,335
    Bloomberg - Are you a robot?

    "Two of Elemental’s biggest early clients were the Mormon church, which used the technology to beam sermons to congregations around the world, and the adult film industry, which did not." - Priceless!
     
    handinpalm and tangent like this.
  2. randytsuch

    randytsuch Pulling my weight

    Joined:
    Oct 1, 2016
    Messages:
    476
    Likes Received:
    151
    Its pretty scary that they were able to add those tiny chips to servers.
    Also scary to think where else they could be right now.
     
  3. Mr_D

    Mr_D Getting comfortable

    Joined:
    Nov 17, 2017
    Messages:
    451
    Likes Received:
    321
    Location:
    Southern California
    Gee, who could have seen this coming? Can we please go back to making stuff ourselves or buying from allies, please?
     
    Q™ and bigredfish like this.
  4. Fastb

    Fastb Known around here

    Joined:
    Feb 9, 2016
    Messages:
    1,173
    Likes Received:
    673
    Location:
    Seattle, Wa
    The article covered many things uncovered in 2015 and 2016. ie: a long time ago.
    How far has the Chinese technology come since then? One glimpse: Amazon later found chip with "more sophisticated designs than they’d previously encountered. In one case, the malicious chips were thin enough that they’d been embedded between the layers of" the PCB.
    It seems only an Xray of the PCB would find those buried devices.
    My takeaway: Scary stuff they found in 2015 and 2016.
    What have they found since? It's too early now - the investigations are, or course, not public.
     
    JDJ likes this.
  5. Fastb

    Fastb Known around here

    Joined:
    Feb 9, 2016
    Messages:
    1,173
    Likes Received:
    673
    Location:
    Seattle, Wa
    @Mr_D
    Fair comment.
    Bringing the manufacture of PCBs and products to us or our allies could help.
    But what if the capability of those chinese chips was integrated into microprocessors themselves?
    a) a chip designer (with loyalty to China) could be inside at Intel, AMD, NVIDIA, etc. And embed the capability of those very limited chinese chips into a powerful micro processor's layout, (the mask) which has millions or billions of transistors?
    b) Or the simple firmware from the small chinese chips could be hidden in the extensive firmware of a powerful microprocessor?

    The article focused on supply chain security. What about upstream, and the companies that design and fabricate the chips that enter the supply chain?
    A product could be designed and built in the US, with a domestic supply chain, and might still have nefarious chinese capability inside....

    [​IMG]

    Maybe I read too many spy novels.....

    Fastb
     
  6. handinpalm

    handinpalm Pulling my weight

    Joined:
    Sep 21, 2016
    Messages:
    176
    Likes Received:
    108
    Location:
    Tampa Bay FL
    As technology gets more sophisticated, so does the hacking. This article is only the stuff you hear about, which means probably 1% - 2% of what is happening. I am expecting to sign into my bank account one day and find Nothing! Then, all the power goes out, permanently. In the end, we are all going to be fucked. Now, I am going back to play with my chinese cameras. BTW, thanks for starting this cybersecurity sub forum.
     
    JDJ, looney2ns and fenderman like this.
  7. mark_whocares

    mark_whocares Getting comfortable

    Joined:
    Apr 20, 2017
    Messages:
    55
    Likes Received:
    18
    Its like china read about the NSA's Tailored Access Operations (TAO) and got their own ideas...