Tuesday October 09, 2018

Evidence of Supermicro Infected Hardware Found at U.S. Telecom

Bloomberg says that security expert Yossi Appleboum has found evidence of altered Supermicro hardware in a major U.S. telecom's network. Mr. Appleboum has worked for the Israeli Army Intelligence Corps and is now co-chief executive officer of Sepio Systems in Gaithersburg, Maryland. His company was hired to scan data centers for an undisclosed telecom and discovered that a server was performing unusual communications. An implant was discovered on the server's Ethernet connector. He says that his company has seen other modifications on hardware being imported from China and explained that Supermicro isn't the only victim of the Chinese supply chain.

In the case of the telecommunications company, Sepio's technology detected that the tampered Supermicro server actually appeared on the network as two devices in one. The legitimate server was communicating one way, and the implant another, but all the traffic appeared to be coming from the same trusted server, which allowed it to pass through security filters. Appleboum said one key sign of the implant is that the manipulated Ethernet connector has metal sides instead of the usual plastic ones. The metal is necessary to diffuse heat from the chip hidden inside, which acts like a mini computer. "The module looks really innocent, high quality and 'original' but it was added as part of a supply chain attack," he said.

Discussion