NSA Senior Advisor Latest to Question Report Claiming China Hacked Apple's Former Server Supplier

Rob Joyce, Senior Advisor for Cybersecurity Strategy at the NSA, is the latest official to question the accuracy of Bloomberg Businessweek's bombshell "The Big Hack" report about Chinese spies compromising the U.S. tech supply chain.

the big hack
"I have pretty good understanding about what we're worried about and what we're working on from my position. I don't see it," said Joyce, speaking at a U.S. Chamber of Commerce cyber summit in Washington, D.C. today, according to a subscriber-only Politico report viewed by MacRumors.

"I've got all sorts of commercial industry freaking out and just losing their minds about this concern, and nobody's found anything," Joyce added.

Joyce, a former White House cybersecurity coordinator, noted that all of the companies named in the Bloomberg Businessweek report have issued strong denials, including Apple, Amazon, and Supermicro. He said those companies would "suffer a world of hurt" if regulators later determine that they lied.

Apple's statement read in part:

On this we can be very clear: Apple has never found malicious chips, "hardware manipulations" or vulnerabilities purposely planted in any server. Apple never had any contact with the FBI or any other agency about such an incident. We are not aware of any investigation by the FBI, nor are our contacts in law enforcement.

Bloomberg Businessweek, citing 17 unnamed sources, claimed that Chinese spies planted tiny chips the size of a pencil tip on server motherboards manufactured by Supermicro at its Chinese factories. The servers were then sold to companies such as Apple and Amazon for use in their respective data centers.

An unnamed government official cited in the report said China's goal was "long-term access to high-value corporate secrets and sensitive government networks," but no customer data is known to have been stolen.

The report claimed that Apple discovered the suspicious chips on the motherboards around May 2015, after detecting odd network activity and firmware problems. Two senior Apple insiders were cited as saying the company reported the incident to the FBI, but kept details about what it had detected tightly held.

Apple dropped Supermicro as a supplier in 2016, a decision the company said it made for reasons unrelated to "The Big Hack" story.

Joyce is far from the only source to question the accuracy of the Bloomberg Businessweek report. Both the U.S. Department of Homeland Security and the U.K.'s national cyber security agency have said they have "no reason to doubt" Apple's denial of the story, while the FBI is said to be unaware of the hack.

"We're just befuddled," said Joyce. He added that he had "grave concerns about where this has taken us," according to Politico. "I worry that we're chasing shadows right now. I worry about the distraction that it is causing."

In related news, Reuters reports that U.S. Senator John Thune has sent letters to the CEOs of Apple, Amazon, and Supermicro with questions about the allegations. U.S. Senators Marco Rubio and Richard Blumenthal also sent a joint letter to Supermicro CEO Charles Liang with similar questions.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Popular Stories

maxresdefault

Report: These 10 New AI Features Are Coming in iOS 18

Sunday May 26, 2024 12:57 pm PDT by
iOS 18 and macOS 15 will offer an array of new AI features such as auto-generated emojis, suggested replies to emails and messages, and more, Bloomberg's Mark Gurman reports. Subscribe to the MacRumors YouTube channel for more videos. A significant portion of Apple's Worldwide Developers Conference (WWDC) is expected to focus on AI features. Writing his latest "Power On" newsletter, Gurman...
airpods pro 2 pink

Apple Releases New AirPods Pro 2 Firmware

Tuesday May 28, 2024 11:46 am PDT by
Apple today released new firmware update for both the Lightning and USB-C versions of the AirPods Pro 2. The new firmware is version 6F7, up from the 6B34 firmware released in November. Apple does not provide details on what features might be included in the refreshed firmware beyond "bug fixes and other improvements," so it is unclear what's new in the update. Apple does not give...
new best buy blue

Best Buy's Memorial Day Sale Has Record Low Prices on iPads, MacBooks, and Much More

Friday May 24, 2024 7:12 am PDT by
Best Buy today kicked off its Memorial Day weekend sale, and it has some of the best prices we've tracked in weeks on iPads and MacBooks. Specifically, you'll find record low prices on the 5th generation iPad Air, iPad mini 6, M2 MacBook Air, and M3 MacBook Pro. Note: MacRumors is an affiliate partner with Best Buy. When you click a link and make a purchase, we may receive a small payment,...
maxresdefault

Gurman: iOS 18 Will Allow Users to Recolor App Icons and Place Them Anywhere

Sunday May 26, 2024 12:22 pm PDT by
Apple's iOS 18 update will introduce new features for further customizing the iPhone's home screen, according to Bloomberg's Mark Gurman. Subscribe to the MacRumors YouTube channel for more videos. In the latest edition of his "Power On" newsletter, Gurman claimed that Apple will allow users to change the color of app icons in iOS 18. For example, "you can make all your social icons blue or...
iPad Pro Landscape Apple Logo Feature

Apple Says Future iPads Could Feature Landscape Apple Logo

Monday May 27, 2024 6:31 am PDT by
French website Numerama interviewed three senior Apple employees about the new iPad Pro models that launched earlier this month. While the discussion did not reveal many new details, it did mention one potential change for future iPads. While the Apple logo on the back of iPads is positioned so that it appears upright in vertical orientation, the devices are often used in landscape...

Top Rated Comments

Kabeyun Avatar
74 months ago
I’m sure Apple was hacked... I wouldn’t admit it either.
You’re sure because it’s fun to believe, not because you have any kind of expertise, firsthand knowledge of all the facts, or knowledge of something no one else does. You just prefer to believe it. At least be honest about that. Conspiracy theories get the juices flowing, which is why so many of them, even the patently absurd ones, persist.
Score: 19 Votes (Like | Disagree)
macfacts Avatar
74 months ago
Yet the question remains: Why did Apple dump supermicro in 2016?
Link: https://www.marketwatch.com/story/super-micro-plummets-after-report-apple-cut-ties-on-security-fears-2017-02-23
Score: 16 Votes (Like | Disagree)
Kabeyun Avatar
74 months ago
Yet the question remains: Why did Apple dump supermicro in 2016?
You seem to like that phrase “the question remains,” even when it doesn’t, i.e. even when there’s a readily accessible logical explanation. It’s not difficult or clever to say “the question remains” without presenting a rational argument why it does. The question remains why does the question remain to you?
Score: 16 Votes (Like | Disagree)
Greenmeenie Avatar
74 months ago
Just because they haven’t found them, doesn’t mean they aren’t there. And if they did find them, do you really think Apple would admit to finding them? Of course not. They’d say exactly what they are saying now. Lol.
Score: 12 Votes (Like | Disagree)
itsmilo Avatar
74 months ago
Way too many officials disputing it which means it’s probably true
Score: 11 Votes (Like | Disagree)
Kabeyun Avatar
74 months ago
The interesting thing to me is this person stops short of saying, "it did not happen". If the likelihood of this particular claim is small(I have no idea), security experts must feel it could be possible.
Security experts, particularly government-level ones, are like scientists. You will hear “highly unlikely” or “the evidence doesn’t support” or “statistically improbable” or even “strains credibility” far more than “it’s impossible.” This is not mincing words; it’s avoiding hyperbole and allowing for future evidence. I don’t find it particularly interesting when an NSA official avoids that phrase, and I wouldn’t wait to hear it verbatim to understand that he’s saying it didn’t happen, particularly when synthesized with the detail in other corroborating statements. The burden is now squarely on Bloomberg to either support or retract their claim.
Score: 11 Votes (Like | Disagree)