A terrifying story from Bloomberg revealed this week that widely deployed servers manufactured by SuperMicro had been found to contain motherboards that had been modified at the factory. The boards had been tampered with and fitted with tiny microchips which allowed “attackers to create a stealth doorway into any network that included the altered machines.” SuperMicro is an American company, based in San Jose, CA, but it uses the services of Chinese subcontractors who manufacture the internal motherboards used in the servers.
While software-based hacking incidents and data breaches are often in the news, this type of hardware-based hacking is extremely difficult to execute and has never been seen before at this scale. For U.S. intelligence agencies, this “big hack” is especially alarming as the servers are deployed worldwide in Department of Defense data centers, CIA drone operations centers, and a whole host of sensitive data centers. The investigation is ongoing.
FICS Research: Scanning for Assurance
As this type of hardware (server components) lies deep within the computing and internet infrastructure underlying much of modern life, quick fixes do not exist. The key to preventing supply chain hijacking is early detection—finding unauthorized modifications to hardware before they are deployed. Researchers at FICS Research have developed technology which would have been able to detect this type of hardware intrusion. A recent profile on IEEE Spectrum quotes Mark Tehranipoor, Director of FICS Research, as saying their system “could have identified this [rogue] part in a matter of seconds to minutes.” The system uses optical scans, microscopy, X-ray tomography, and artificial intelligence to compare a printed circuit board and its chips and components with the intended design.