Posted On: October 09, 2018
There has been a lot of chatter the past several days around a POTENTIAL hack via a China-based manufacture chip. Yet, despite all the clamor, there are mixed reports about how real this is.
Bloomberg News cited unidentified US officials as saying malicious chips were inserted into equipment supplied by Super Micro Computer Inc. to American companies and government agencies. They asserted that the motherboards included a tiny microchip with code that caused the products to accept changes to their software and to connect to outside computers. And since these servers could be found in DoD data centers, the CIA’s drone operations and the onboard networks of Navy warships, as well as many other companies (like Apple Inc.), it’s got the security community’s attention.
But on the flipside, other industry leaders aren’t so quick to agree. According to The Register, the Bloomberg article has been strongly denied by the three main companies involved: Apple, Amazon and Super Micro. (Read their full responses to the Bloomberg article here.)
So, if there’s no agreement on whether or not this infiltration really happened, what is an organization to do to ensure that they remain safe when security can be so ambiguous?
As a general good practice when dealing with supply chains, SANS Institute recommends companies need to continue to advance their security practices with the following recommendations:
As for OneNeck’s response to this potential issue, we continue to validate, assess and advance our security and risk program:
Situations like this potential hack only reinforces the need to remain diligent and keep up with your security. As these threats become more sophisticated, so does the need to constantly assess your gaps and evolve your security.
Hybrid IT infrastructure that combines on-premises and public cloud capabilities is a strategy many enterprises are embracing. Download Now
Why is it important for organizations to embrace digital transformation? Just ask anyone that once worked for Blockbuster. It’s not that we quit... Continue Reading