On Sunday the Congress was briefed by Apple’s top security officer that they had found no sign of hacking attempt or other evidence that it had been penetrated in a sophisticated attack on its supply chain.
George Stathakopoulos, Apple’s Vice President for Information Security told in a letter to the Senate and House commerce committees that the company investigated this matter many times and had found no evidence for the claims made by Bloomberg Businessweek article, including that chips inside servers sold to Apple by Super Micro Computer allowed for stealth backdoor transmissions to China.
He wrote this in the letter provided to Reuters ;
Apple’s proprietary security tools are continuously scanning for precisely this kind of outbound traffic, as it indicates the existence of malware or other malicious activity. Nothing was ever found.
Vice President for Information Security told to the press that they never found any harmful chips or vulnerabilities attached to any server or got contacted by FBI about this issue. He said he would be available to brief Congressional staff on the issue this week.
The letter follows statements made by Britain’s National Cyber Security Centre and on Saturday made by the U.S Department of Homeland Security that those agencies have no reason to doubt denials from Apple and Amazon that they had discovered backdoored chips.
Bloomberg said on Friday it stood by its story, which was based on 17 Unknown sources. Some allegations were based on fewer accounts or even a single unnamed source, Apple noted in its letter.
No response has been issued by Bloomberg on this issue yet, however, taking in consideration all the denials and all the support by UK’s Cyber Security Center and backing by US DHS(Department of Homeland Security), it looks like that the report about Chinese spies and their chipsets was just a false rumor and there hadn’t been any such incident which caused data leaks.