102 Class 01 Reading: What is a computer? - nataliabdallah/codefellows-ops-reading-notes GitHub Wiki
Case Study: China’s Spy Chip
How is a hardware hack different than a software hack?
- A hardware hack is the manipulation of the physical parts of the device.
- A software hack does not require physical access to a device.
What are the two ways for spies to alter a computer’s hardware?
- interdiction (manipulating devices during the transit from manufacture to customer)
- seeding changes from the very beginning (understanding the product's design, manipulating the product at the factory, and passing through the global logistics chain undetected)
Explain how the hack worked.
- the chip was inserted in motherboards during the manufacturing process
- the chips were gray or off-white and looked like conditioning couplers, another common component on a motherboard, so they were undetectable without special equipment
- the chip was placed strategically on the motherboard in order to edit the information queue as data passed through temporary memory en route to the server's central processor (CPU)
- it injected its own code or altered the order of the instructions the CPU was meant to follow
How were investigators able to trace the chips back to the source?
- 2014: American intelligence reported on the incident before it happened.
- May 2015: Apple detected suspicious chips inside Supermicro servers and reported it to the FBI
- Amazon made a discovery and gave the FBI access to the sabotaged hardware
- FBI Cyber and Counter Intelligence teams ran a full investigation
- U.S. intelligence agencies tracked the chips by following Supermicro's supply chain in reverse
- 2016: U.S. spy agencies sifted through communications intercepts, tapped informants in Taiwan and China, and tracked individuals through phones
- Traced malicious chips to 4 subcontracting factories
Things I want to know more about
- how hacking into a vehicle's electronics to control the car works