Last week, it was reported in Bloomberg that hardware — specifically data center hardware — was allegedly set up with microchips via motherboards built by Super Micro, which were used in surveillance activities to gather intellectual property and trade secrets. The report claimed that 30 companies based in the United States were impacted, including tech giants Apple and Amazon.
However, both companies denied the reports, with the firms claiming they did not find evidence of wrongdoing. As Amazon said, it found “no evidence to support claims of malicious chips or hardware modifications.”
According to a statement from the DHS, there is "no reason to doubt the statements from the companies."
Still, Bloomberg is standing by its story, which alleged that the chips-as-surveillance effort had been first discovered by Apple more than three years ago, and was disclosed to the FBI. Amazon was also in touch with authorities, according to the initial stories, and reportedly dropped Super Micro from its supply chain two years ago.
In a statement last week, Apple said that “over the course of the past year, Bloomberg has contacted us multiple times with claims” of security incidents. “We have repeatedly and consistently offered factual responses, on the record, refuting virtually every aspect of Bloomberg’s story relating to Apple.”
Apple continued in the statement, “On this we can be very clear: Apple has never found malicious chips, ‘hardware manipulations’ or vulnerabilities purposely planted in any server. Apple never had any contact with the FBI or any other agency about such an incident. We are not aware of any investigation by the FBI, nor are our contacts in law enforcement.”
Super Micro said in its own statement that “while we would cooperate with any government investigation, we are not aware of any investigation regarding this topic, nor have we been contacted by any government agency in this regard. We are not aware of any customer dropping Super Micro as a supplier for this type of issue.”