Could A Tiny Chinese Hardware Implant Control US Servers?

A stealth component smaller than a grain of rice is said to have been embedded in circuit boards that were manufactured in China and then used in servers of major U.S. companies, including Amazon and Apple. That’s the contention of an article that appeared in Bloomberg Businessweek earlier this month. The implant scheme was said to be implemented by the Chinese People’s Liberation Army (PLA) and to create a backdoor that would allow a remote agent to surreptitiously take over the server. The narrative was roundly denied by the major parties, including the Chinese government. (The denials were also posted by Bloomberg.) This story and its implications are scrutinized by a computer researcher and lecturer at UC Berkeley, writing in the national security blog Lawfare. He calls this “a very scary security incident,” one that potentially compromises dozens of U.S. companies and tens of thousands of computers. “Even if this proves a false alarm,” he says, “it is a sobering wake-up call.”