UPDATE or also known as “Whom do you Believe?”
In fairness to SuperMicro, their response is here.
So who is telling the truth here? Hard to say, but there are some things to factor in:
1 – First it’s a Bloomberg story. You’ll have to decide how much credibility you wish to give them LOL.
2 – It is entirely plausible that only a small group of people in these impacted firms/agencies are actually in the know. Let’s face it who wants to tell upper management that supply chain logistics and security processes failed like this?
3 – Some major intelligence agencies have programs that surround trying to intercept shipments to “taint” hardware/software destined for a target agency, firm, or network. Nothing new there and this has been going on for ages.
Who knows what is true, but my gut tells me this is most likely a combination of #2 and #3 above. Look at both sides of this, the timing, the politics, and form your own opinion.
—- Original Post —–
At this point I will ask what should be an obvious question. Is this just the tip of the iceberg? What else has been compromised from the hardware layer up?
Is their truth to the rumors floating about in ITSEC circles that several cyberwarfare units have LONG lists of zero-day vulnerabilities in key internet backbone routers, consumer routers, and a variety of industrial control devices?
For years it has been said that the fact that we manufacture less and less of our stuff here stateside was becoming a serious national security risk.
I often catch flak for absolutely refusing to buy any Chinese manufactured radio regardless of price. IMHO buying that cheap stuff only helps promote their bad behavior so think twice before you do it. Quality may cost a bit more at first, but it’s usually cheaper in the long run. Support your friends, not your enemies.
For the record I have no beef with the Chinese people. Their government? Well that is a different story.
In closing, the threats grow while we sit around distracted by the daily festival of silliness, propaganda presented as news, and a serious infection of cheapness.