So far, the misuse of personal data and corresponding cybersecurity measures have been the hottest topics in 2018 – just remember what’s been in the news in March.
If it happens that you live under a rock, I mean precisely the notorious Facebook’s data “partnerships” with 3rd party companies. Last week, Bloomberg published a scandalous story telling that Supermicro servers used by Apple, Amazon and other companies have Chinese hardware loopholes allegedly introduced by the manufacturer to send data to China.
The news isn’t something that has come out of blue. As a matter of fact, this type of hacking by a hardware manufacturer has been predicted by security researchers quite a long time ago. One must say that Bloomberg’s employees are quite serious in their statement.
They refer to 17 different anonymous informants, including several senior government agents and insiders at companies such as Apple and Amazon, along with one source in the Chinese government.
However, right after the publication, the companies mentioned in the article categorically rejected anything related to special microscopic chip-bugs. The Cupertino giant continued its line of defense by testifying in a formal letter to the US Congress which said that the Bloomberg report was “an unsubstantiated speculation”. Besides, Apple stated that they have been communicating with Bloomberg on this issue since October 2017:
“You should know that Bloomberg provided us with no evidence to substantiate their claims and our internal investigations concluded their claims were simply wrong. Our internal investigations directly contradict every consequential assertion made in the article—some of which, we note, were based on a single anonymous source. Apple has never found malicious chips, ‘hardware manipulations’ or vulnerabilities purposely planted in any server.”
Despite the fact that these harsh denials were sent via an official letter, Bloomberg didn’t back down easily. In response to a letter from Apple, the publication repeated its own statements:
“The investigation of Bloomberg Businessweek is the result of more than annual data collection, during which we conducted over a hundred interviews. Seventeen individual sources, including government officials and insiders at companies, confirmed the manipulation of hardware and other elements of attacks. We insist on the authenticity of our history and are confident in our reports and sources.”
Even if Apple and Amazon came out with denials, many readers remained on Bloomberg’s side. At the same time, the US Department of Homeland Security released comments that generally support the Apple version.
One way or another, if companies lie, they may face severe fines from shareholders and the US SEC. Nevertheless, it is strange that Bloomberg, insisting on its version this hard, decided to run the risk of undermining its own reputation. Statements about espionage are serious charges that people (not to mentions government officials) would not forget in a week.
At the moment, it is not clear how will events evolve. However, one may remain certain: the theft of personal data is something to be taken seriously no matter what side you’ve found yourself on.
Featured image credit: Pixabay