People purchase the new iPhone XS and XS Max at the Apple store in Midtown Manhattan on September 21, 2018 in New York City
People purchase the new iPhone XS and XS Max at the Apple store in Midtown Manhattan on September 21, 2018 in New York City

British security services speak out over claims China planted tiny chips in Apple and Amazon computers

If the hack on Apple, Amazon and the US defense establishment is real, it would be one of the most spectacular cyberattacks ever carried out

Andrew Griffin
Friday 05 October 2018 15:31
comments

British security services have spoken out about claims that China managed to plant tiny chips in computers that made their way across the US.

The bombshell report came from Bloomberg News this week and alleged that special agents in the People's Liberation Army had dropped tiny components into computer hardware before it left the country. It would eventually go on to be used by companies including Amazon, Apple and many others, as well as the US defence establishment.

Such a hack would allow spies to look in on messages being sent across Apple's cloud services, for instance, and intercept messages as soon as they are sent. And a hardware breakthrough of that kind would mark a step change in the kind of hacks that are possible, since they could not be easily found or fixed.

But both Apple and Amazon have already denied the claims in the strongest possible terms.

And now British security services have rejected them, too. The National Cyber Security Centre, which is part of UK spy agency GCHQ, said that it agreed with those denials from the two companies.

“We aware of the media reports but at this stage have no reason to doubt the detailed assessments made by AWS and Apple," an NCSC spokesperson said.

“The NCSC engages confidentially with security researchers and urges anybody with credible intelligence about these reports to contact us.”

The denial came after Apple and Amazon – the two companies named in the report – both emphatically rejected the content of the report. They both said they were unaware of the claims and had undertaken detailed investigations to find any chips and had discovered nothing.

Apple even published a special page on its website, under the title "What Businessweek got wrong about Apple", that took all of the claims on in detail. It said on that page that there is "no truth to these claims", that it never found malicious chips, and that its contacts in law enforcement had not heard of such a case either.

"As we have previously informed Bloomberg, this is completely untrue," Apple concluded. "Apple has never found malicious chips in our servers.

"Finally, in response to questions we have received from other news organisations since Businessweek published its story, we are not under any kind of gag order or other confidentiality obligations."

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

View comments