Apple pens letter to Congress saying that the company has not been hacked
The company is sticking by its original claim.
Apple has now told the U.S. Congress what it said publicly last week. Despite news to the contrary, the iPhone maker says it wasn’t exposed to a data hack at the hands of Chinese officials, with the letter first being shown by Axios.
In a letter to the U.S. House and Senate, Apple’s top security officer, George Stathakopoulos says it has found no evidence of hacking at the company. Further, he explains:
Apple’s proprietary security tools are continuously scanning for precisely this kind of outbound traffic, as it indicates the existence of malware or other malicious activity. Nothing was ever found.
On Thursday, Bloomberg Businessweek published a story three years in the making that said hackers working for the Chinese government were able to infiltrate the American supply chain for up to 30 companies, including Apple and Amazon. The report was based on off-the-record interviews with 17 individuals who either worked at one of the companies exposed or the U.S. government.
Soon after the story was published, Amazon, Apple, and the company at the center of the report, Super Micro, denied that any sort of infiltration occurred. This weekend, Britain’s National Cyber Security Centre and the U.S. Department of Homeland Security both said those agencies have no reason to doubt denials from Apple and Amazon.
Check out the letter:
Letter by Scribd
In the latest letter, Stathakopoulos repeated Apple’s statements that it never found malicious chips or vulnerabilities purposely planted in any server. He also said he would be available to brief Congressional staff on the issue this week.
The Bloomberg story
Bloomberg’s story says that China had manufacturers insert chips the size of the tip of a pencil into parts that were supplied to Supermicro, one the world’s biggest providers of server motherboards. From there, the sabotaged servers made their way inside data centers operated by dozens of U.S. companies. When the servers were activated, the microchip could alter the operating system’s core so it could accept modifications.
The story claims that companies and the U.S. government were informed about the security breaches years ago and resolved the issue. Further, Bloomberg admits it could find no information that said actual data was leaked.
It’s going to be interesting to see where this story goes moving forward. I don’t expect anyone outside of Bloomberg to admit publicly that the story is real. As I noted before, you should file this one under national security.
Do you think something happened? Let us know your thoughts below.
- Apple just pushed out an update that fixes the annoying charging issues with the iPhone XS
- Google kept a massive data breach under wraps and now it’s all coming to light
- Alexa and Google Assistant are dropping f-bombs and talking about cocaine