Earlier today Patently Apple posted a report titled "Apple Denies Explosive Report about Spy Chips from China infiltrating their Servers." Late today we followed-up with a report dedicated to Apple's formal response posted in a long press release. You can now see why we categorized this Bloomberg story as explosive. So much so that an official response has been delivered in Beijing China.
Response by China's Ministry of Foreign Affairs
China is a resolute defender of cybersecurity. It advocates for the international community to work together on tackling cybersecurity threats through dialogue on the basis of mutual respect, equality and mutual benefit.
Supply chain safety in cyberspace is an issue of common concern, and China is also a victim. China, Russia, and other member states of the Shanghai Cooperation Organization proposed an "International code of conduct for information security" to the United Nations as early as 2011. It included a pledge to ensure the supply chain security of information and communications technology products and services, in order to prevent other states from using their advantages in resources and technologies to undermine the interest of other countries. We hope parties make less gratuitous accusations and suspicions but conduct more constructive talk and collaboration so that we can work together in building a peaceful, safe, open, cooperative and orderly cyberspace. —Translated by Bloomberg News in Beijing.
The timing of Bloomberg's report coincidentally (or not) was timed to Vice President's formal speech today on the Administration's policy towards China which was quite an eye opener.
Response from Supermicro
While we would cooperate with any government investigation, we are not aware of any investigation regarding this topic nor have we been contacted by any government agency in this regard. We are not aware of any customer dropping Supermicro as a supplier for this type of issue.
Every major corporation in today's security climate is constantly responding to threats and evolving their security posture. As part of that effort we are in regular contact with a variety of vendors, industry partners and government agencies sharing information on threats, best practices and new tools. This is standard practice in the industry today. However, we have not been in contact with any government agency regarding the issues you raised.
Furthermore, Supermicro doesn't design or manufacture networking chips or the associated firmware and we, as well as other leading server/storage companies, procure them from the same leading networking companies.
Bloomberg Interviews Reporter who Co-Authored "The Big Hack" Report
Below is Bloomberg's Business TV channel interviewing one of Bloomberg's reporters Jordan Robertson who broke "The Big Hack" story earlier today. The Bloomberg reporter at one point surmised that the hack was designed to spy on American businesses in order to steal their intellectual property long term without having to use a human spy network.