US telecom company found ethernet port manipulated by Chinese

An undisclosed US telecom company has found tampered-up hardware in its servers and a security expert has shown documents for it, Bloomberg reports.

Security expert Yossi Appleboum, co-director of Sepio Systems, is said to have worked for the telecommunications company and has submitted documents, analysis and “other evidence,” according to Bloomberg. His company is said to have been hired as an expert in the field of hardware security to inspect the telecom company’s servers. That investigation revealed striking communications from Supermicro servers, after which Appleboum was able to point to an implant at a manipulated Ethernet port as the source.

Appleboum claims to have seen more examples, not just of Supermicro, pointing the finger at China. The intelligence service of that country would place spy chips on motherboards somewhere in the supply route during export. Supermicro denies the report saying, “We still have no knowledge of unauthorized components and have not been informed by customers that such parts have been found.” The motherboard manufacturer also complains that Bloomberg did not send any documents and only gave a short time before publication to respond.

The report follows an extensive Bloomberg article last week, in which the site first claimed that Supermicro motherboards used by Apple and Amazon, among others, were equipped with spy chips. Apple and Amazon strongly denied and informed Bloomberg that they had been pointing out a multitude of gross inaccuracies for months. US and British authorities supported the companies’ denial. Also, one of the experts listed as a hardware security expert in the Bloomberg article, Joe Fitzpatrick, now tells the Risky Business podcast that he has serious doubts about how the article came about. He would have pointed out imperfections and his statements would not have been properly incorporated into the piece.