Excellent article and something with extraordinary repercussions.
The world’s largest supplier of mothersboards, Supermicro, was caught adding spy chips to silicon they fabed for such companies as Amazon and Apple. All these parts had one thing in common: a Chinese contractor. One of the first cases was caught at Portland’s own Elemental technologies. A 3 year investigation showed almost 30 companies had their hardware infiltrated.
What does the chip do? Basically – it opens everything.
This system could let the attackers alter how the device functioned, line by line, however they wanted, leaving no one the wiser. To understand the power that would give them, take this hypothetical example: Somewhere in the Linux operating system, which runs in many servers, is code that authorizes a user by verifying a typed password against a stored encrypted one. An implanted chip can alter part of that code so the server won’t check for a password—and presto! A secure machine is open to any and all users. A chip can also steal encryption keys for secure communications, block security updates that would neutralize the attack, and open up new pathways to the internet. Should some anomaly be noticed, it would likely be cast as an unexplained oddity.