Shares of Supermicro collapsed amid investigations into the introduction of Chinese spy chips into the company's servers.
The Bloomberg Businessweek publication has published a lot of material on a spy microchip, which was developed by Chinese intelligence agencies. It was secretly built into the design of motherboards for Supermicro servers manufactured in China. With the help of a microchip, attackers obtained remote server control capabilities. In total, about 30 US finance and technology companies were attacked.
The investigation caused a huge resonance, with the result that Supermicro shares collapsed more than 50% in a day.
')
Prehistory
In 2015, Amazon began the process of evaluating the startup business Elemental Technologies for a possible purchase. The Elemental team has been developing software for video compression and its formatting to work on various mobile devices. Amazon needed this product for use in its own video streaming services.
Among other things, Elemental Technologies’s customers included US government agencies, which also fit into Amazon’s development strategy - the company is building cloud infrastructure, for example, for the CIA.
One of the elements of a pre-sale assessment is an information security audit. Amazon hired an external cyber defense firm to host it. Its specialists discovered oddities in the design of the Elemental Technologies servers, which the company purchased from Supermicro.
The researchers found in the motherboards of these servers a microchip the size of a grain of rice (for comparison, it is several times smaller than a coin ), which should not have been there according to equipment specifications. At this stage, the intelligence services of the United States were connected to the investigation. As a result, it became clear that the microchip allowed remotely and covertly monitor the servers on which it is installed.
Attack description
Supermicro servers, like almost all modern computer equipment, are assembled in China. A US investigation revealed that spyware chips were installed in Chinese factories. The microchip was developed by Chinese intelligence agencies.
After the server with the installed motherboard was installed and turned on, the chip gained control over the OS and opened the possibility of remote connection and server management. The microchip, for example, could disable user password checks, so attackers could easily install any code on the server.
About 30 American companies suffered from the attack, including a large bank, US government contractors, and the most expensive company in the world - Apple. The company from Cupertino was one of the largest customers of Supermicro and planned to order 30,000 servers for installation in its data centers in different regions of the world. Apple security service also discovered a spyware microchip in 2015, which led to the cancellation of contracts with Supermicro.
Reaction to the investigation
Sources Bloomberg argue that the US intelligence agencies have been able to trace the path of delivery of microchips to specific factories in China. The agents were even able to restore the details of the negotiations between the plant management and representatives of the Chinese special services.
According to the data, factory managers were first offered bribes for changing the design of Supermicro motherboards, and if they refused to cooperate, they were threatened with checks and potential closure of the factories. After reaching an agreement, intermediaries delivered a batch of microchips to the plant.
Despite all the evidence, officially Amazon, which bought Elemental Technologies in the fall of 2015, Apple and Supermicro refused to acknowledge the fact of cyber attacks. Despite this, the shares of the equipment manufacturer on the day of the release of the Bloomberg investigation collapsed by more than 50%. By the end of the week, the losses were recouped, but the overall fall in the value of the shares turned out to be extremely significant - if on October 5 they were trading at $ 21.4 per share, then by Friday it would be at $ 11.7 per share.
As CNBC notes , Thursday of this week was for Supermicro the worst day on the stock exchange since the IPO in 2007.
In addition to the reaction of investors, it became known about the next steps of the US authorities - they included computer equipment (including motherboards) in the next round of trade sanctions against China. The country's leadership wants to move the supply chains of American companies from China to other countries.
Other materials on finance and stock market from ITI Capital :
- Analytics and market reviews
- Purchase of shares of American companies from Russia
- Huawei overtook Apple in terms of sales. The capitalization of the American company still reached $ 1 trillion
- Analysts: Microsoft's capitalization could reach $ 1 trillion
- Mass media: large-scale cyber attacks accelerated the growth of capitalization of companies from the information security industry
- Bloomberg: Hedge Funds Recognize Brexit Results Before Others And Earn Billions
Source: https://habr.com/ru/post/425549/
All Articles