Britain’s national cyber security agency said on Friday it had no reason to doubt the assessments made by Apple and Amazon challenging a Bloomberg report that their systems contained malicious computer chips inserted by Chinese intelligence services. “We are aware of the media reports but at this stage have no reason to doubt the detailed assessments made by AWS and Apple,” said the National Cyber Security Centre, a unit of Britain’s eavesdropping agency, GCHQ. AWS refers to Amazon Web Services, the company’s cloud-computing unit.
“The NCSC engages confidentially with security researchers and urges anybody with credible intelligence about these reports to contact us,” it said. Apple’s recently retired general counsel, Bruce Sewell, told Reuters he called the FBI’s then-general counsel James Baker last year after being told by Bloomberg of an open investigation into Super Micro Computer, a hardware maker whose products Bloomberg said were implanted with malicious Chinese chips. “I got on the phone with him personally and said, ‘Do you know anything about this?,” Sewell said of his conversation with Baker. “He said, ‘I’ve never heard of this, but give me 24 hours to make sure.’ He called me back 24 hours later and said ‘Nobody here knows what this story is about.'”
The U.S. Department of Homeland Security said on Saturday that it too had no reason to doubt statements from companies that have denied the Bloomberg report.
“The Department of Homeland Security is aware of the media reports of a technology supply chain compromise,” DHS said in a statement. “Like our partners in the UK, the National Cyber Security Center, at this time we have no reason to doubt the statements from the companies named in the story,” it said.