Chinese Inserting A Backdoor On Supermicro Server BMCs

US officials have shared details of a widespread hardware hack in which Chinese spies infiltrated 30 American companies, including Amazon and Apple, in 2015 by planting rice-sized computer chips on their server motherboards, giving hackers access to sensitive consumer and government data.

Nicolas Waisman, VP of Security Consulting at Cyxtera:

“The supply chain is always at risk so it’s not surprising to learn about this implant vulnerability. Our team uncovered BMC vulnerabilities earlier this year and reported that they could easily be exploited for malicious purposes, with or without a backdoor implant. The only dependency was a network connection. Once compromised, we found that it was 100% possible to launch an attack using remote code execution. The bottom line is that BMCs, or any system with network access, is vulnerable to attack. It doesn’t require an implant from a nation state adversary. Organisations must protect themselves by practicing defence-in-depth, especially across their supply chain. Additionally, it’s important to isolate systems at the network level. In our research, we were able to mitigate the risk of inbound calls to the BMC and lateral movement using a software-defined perimeter solution.”