Data center equipment run by Amazon Web Services and Apple may have been subject to surveillance from the Chinese government via a tiny microchip inserted during the equipment manufacturing process, according to a Bloomberg BusinessWeek report on Thursday. The claims in the report have been strongly disputed by the technology giants.
The chips, which Bloomberg said have been the subject of a top secret U.S. government investigation starting in 2015, were used for gathering intellectual property and trade secrets from American companies and may have been introduced by a Chinese server company called Super Micro that assembled machines used in the centers.
Apple, AWS and Super Micro dispute the report. Apple said it did not find the chips as asserted by BusinessWeek — which cited anonymous government and corporate sources. Super Micro reportedly denied that it introduced the chips during the manufacturing.
Asked by CNBC for comment, Apple pointed to denials already published by Bloomberg.
Apple has issued strong denials of the report, stating: “We are deeply disappointed that in their dealings with us, Bloomberg’s reporters have not been open to the possibility that they or their sources might be wrong or misinformed. Our best guess is that they are confusing their story with a previously reported 2016 incident in which we discovered an infected driver on a single Super Micro server in one of our labs. That one-time event was determined to be accidental and not a targeted attack against Apple.”
AWS has also denied the report, telling Bloomberg: “We’ve found no evidence to support claims of malicious chips or hardware modifications.”
AWS did not immediately respond to follow-up requests for comment by CNBC.
A statement from the China foreign ministry said “China is a resolute defender of cybersecurity.”
According to Bloomberg, the problem was discovered in 2015 and confirmed by independent security investigators hired by the cloud providers. Super Micro servers were removed by Apple that year, according to the report, which also asserts ties with Super Micro were severed in 2016. A follow-up investigation involving several government agencies was conducted, as well. Apple and AWS deny these moves involving Super Micro were related to chip worries. No consumer data was stolen as part of the alleged campaign, according to the report.
China has long been suspected — but rarely directly implicated — in en masse spy campaigns based on hardware made there. The majority of electronic components used in U.S. technology are manufactured in China. Companies including component manufacturers Huawei and ZTE, as well as surveillance camera maker Hikvision, have all fallen under intense suspicion and scrutiny from the U.S. government in the past year.
Intellectual property theft is one of the core arguments for tough trade restrictions on China by the Trump administration.