Portland startup among U.S. companies reportedly hacked by Chinese spies
According to U.S. officials, the Chinese military placed tiny microchips on server motherboards to infiltrate nearly 30 U.S. companies, including Amazon, Apple and Super Micro, in what is being called the "Big Hack."
Bloomberg BusinessWeek first reported the cyberattack, which allegedly occurred several years ago and received information from U.S. investigators.
Bloomberg claimed computers made for Portland startup Elemental Technologies contained a tiny chip, which had been planted during production overseas to help China spy on American companies and intelligence agencies.
The risk is significant, potentially allowing Chinese hackers to gain access to sensitive information or even take control over the servers.
Tech giants vehemently deny the reported hardware hack.
In a prepared statement to KATU News, Amazon, the parent company of Elemental Technologies, called the article "inaccurate" and "erroneous" in a company blog post.
"As we shared with Bloomberg BusinessWeek multiple times over the last couple months, at no time, past or present, have we ever found any issues relating to modified hardware or malicious chips in Super Micro motherboards in any Elemental or Amazon systems," an Amazon spokesperson said in a written statement. "Additionally, we have not engaged in an investigation with the government."
Oregon Cybersecurity Advisory Council Vice Chair Charlie Kawasaki told KATU international hackers are generally driven to find sensitive economic information and military secrets.
"There is a lot of money that changes hands on the internet today and so there is a tremendous business in stealing Bitcoin, credit card information," Kawasaki said. "There are so many ramifications for a breach."
Kawasaki said the international hack, if true, does not typically affect the average consumer; however, costs associated with recovering from a significant hack can trickle down.
"If an organization that you do business with has a cyberattack and ends up having to spend $100 million or $1 billion to fix it, they’re passing that on through you, so it’s costing you money," he said. "[Companies] have a lot at stake to make sure that they are safe."
Kawasaki says consumers are at risk daily by hackers constantly trying to steal your personal and financial information.
"With a sophisticated attack like this reported in Bloomberg, those are much more rare, but on a daily basis, consumers are being targeted because they’re kind of easy prey, they don’t use best practices," Kawasaki said. "They use the same password for every website that they log into ... that makes them very vulnerable."
Since 2015, the Oregon Department of Justice has required companies to report breaches when they affect more than 250 Oregonians.
In a three-year period, 237 reports were made.
- Spam and Phishing
Cybercriminals have become quite savvy in their attempts to lure people in and get you to click on a link or open an attachment.
- Online Shopping
It’s important to take steps to protect yourself when shopping online.
- Back it Up
Protect yourself against data loss by making electronic copies -- or backups -- of important files.
- Malware, Botnets and Ransomware
The internet is a powerful and useful tool, but in the same way that you shouldn’t drive without buckling your seat belt or ride a bike without a helmet, you shouldn’t venture online without taking some basic precautions.