Supermicro equipment and software was tampered with by Chinese operatives, Bloomberg reported, alleging that U.S. security and defense officials knew of the hack but kept it secret in an effort to learn more about China's hacking capabilities.
Bloomberg initially reported on the Supermicro hack in 2018, claiming that Apple and Amazon discovered malicious chips on Supermicro equipment. At the time, both companies forcefully denied the allegations.
In Friday's report, Bloomberg alleged that the Pentagon was targeted beginning in 2010 by a hack involving hidden code in Supermicro products' BIOS. The FBI reportedly had evidence suggesting that Supermicro "had been infiltrated by people working — wittingly or unwittingly — for China." Frank Figliuzzi, former FBI assistant director for counterintelligence, said "Supermicro's tale of woe is a chilling wake-up call for the industry ... This is a 'don't let this happen to you' moment for anyone in the tech sector supply chain."
In 2014, evidence of malicious chips on Supermicro motherboards was reportedly discovered. Mukul Kumar, formerly chief security officer for Altera, said he was briefed on the discovery by government officials. "The agents said it was not a one-off case; they said this was impacting thousands of servers," he said.