Super Micro Says No Evidence Found Of Spying Chips Embedded In Its Motherboards

Are Super Micro server motherboards safe from Chinese spies? A recent audit has determined that the Super Micro motherboards are indeed free of malicious microchips, running contrary to an explosive Bloomberg Businessweek article that made waves in early October. The company sent a letter to its customers and assured them that “no evidence” has been found of wrongdoing.

A report from Bloomberg claimed that that Chinese spies had planted malicious microchips on Super Micro motherboards. These microchips supposedly created a “stealth doorway into any network that included the altered machines”. They were reportedly placed by agents of the People’s Liberation Army, the armed forces of the People's Republic of China and Communist Party of China, during the manufacturing process. The motherboards were reportedly used in American data centers by companies like Apple and Amazon.

supermicro headquarters
Image from Super Micro 

So, who allegedly found evidence of these spying microchips that prompted the original report? In 2015, Amazon was considering acquiring Elemental Technologies, an Oregon-based software company. Amazon hired a third-party company to evaluate Elemental’s security and supposedly discovered the microchips. 

Bloomberg's report was incredibly controversial. Apple and Amazon conducted their own audits and insisted that no microchips had been found. The United States Department of Homeland Security (DHS) supported their statements and concluded that they had “no reason to doubt” Apple and Amazon’s assertions. The companies also demanded that the story be retracted.

Super Micro hired Nardello & Co., a global investigation company, to conduct an audit. The company tested both motherboards that are currently in production and ones that had been sold in the past. They were unable to corroborate Bloomberg’s report. Super Micro recently stated, “As we have stated repeatedly since these allegations were reported.... and we have never seen any evidence of malicious hardware on our products.”

It is unclear what will happen next. Super Micro’s shares dropped 41% immediately after the publication of the report. Shares have somewhat recovered, but the company is still dealing with the aftermath. Super Micro has also stated that its is “reviewing their legal options”, but it has not given any more details.

Bloomberg has neither retracted its report nor provided any further proof. The publication claimed that its reporting could be verified by seventeen individuals, including four U.S. officials, but no one has offered any additional evidence. It will interesting to see what legal steps Super Micro will take to clear their name and receive compensation.