Built in computer backdoors

SGaynor

Well-known member
Dec 6, 2006
Bristol, TN
This is some scary shit:

The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies

Nested on the servers' motherboards, the testers found a tiny microchip, not much bigger than a grain of rice, that wasn't part of the boards' original design. Amazon reported the discovery to U.S. authorities, sending a shudder through the intelligence community. Elemental's servers could be found in Department of Defense data centers, the CIA's drone operations, and the onboard networks of Navy warships. And Elemental was just one of hundreds of Supermicro customers.

During the ensuing top-secret probe, which remains open more than three years later, investigators determined that the chips allowed the attackers to create a stealth doorway into any network that included the altered machines. Multiple people familiar with the matter say investigators found that the chips had been inserted at factories run by manufacturing subcontractors in China.

This attack was something graver than the software-based incidents the world has grown accustomed to seeing. Hardware hacks are more difficult to pull off and potentially more devastating, promising the kind of long-term, stealth access that spy agencies are willing to invest millions of dollars and many years to get.
 

SGaynor

Well-known member
Dec 6, 2006
Bristol, TN
"Amazon’s security team conducted its own investigation into AWS’s Beijing facilities and found altered motherboards there as well, including more sophisticated designs than they’d previously encountered. In one case, the malicious chips were thin enough that they’d been embedded between the layers of fiberglass onto which the other components were attached, according to one person who saw pictures of the chips."

Damn. Damn, damn!

That's some impressive engineering - building them into the fiberglass circuit boards.
 

Tugela

Well-known member
May 21, 2007
Seattle
I wish Land Rover had been that sophisticated in engineering the circuit boards in my Disco. My rear windows would work forever.
 

jim-00-4.6

Well-known member
Sep 30, 2005
Genesee, CO USA
I wish Land Rover had been that sophisticated in engineering the circuit boards in my Disco. My rear windows would work forever.
My P38 had an abacus.
Well, several of them.
As long as the beads didn't slide around too much, even the air suspension worked correctly.
 

kennith

Well-known member
Apr 22, 2004
North Carolina
Does anyone else have any more info on this? Keep it on the table.

Sure...

1: That person.

2: Someone who was there.

3: An official.

4: Top representatives.

5: People.

Didn't you read the article? :rofl:

Regardless, it's not something that's unprecedented. Billed as the "cutting edge of the cutting edge" in the article, it's nowhere near as clever as that, nor as modern. This has been around for a very, very long time.

Hardware-level tampering is the pinnacle of proper hacking; in that it's still possible today. It is possible, however, because it is not actually overly complicated once you're in charge of the fucking factory making the parts.

At that point, it's pretty much idiot-proof. With all the parts going in and out of server farms, one cannot check everything. They can check most things, but not everything. That's why the practice has never died out.

Just a few weeks ago I was asked how I'd accomplish a similar level of access, and my response was the same damned thing: Force a manufacturer to inject compromised technology into their supply line, and cause it to be physically activated on-site.

How? Use a largely standardized part with many iterations and constant development sample alterations. This will buffer the time required to deploy and employ the breach.

Hardware access is about the lowest of lowest level computer trickery (that means deeper and more hardware-specific; not less complicated), but it's only going to work so long before software updates expecting certain behaviors begin to experience errors out of the realm of general possibility.

Time's up once you run out of codes, and people start x-raying every other "failed" board.

We expect microcode to simply "work". If problems are encountered, every other level is going to be examined first.

It's simple, it's brilliant (in that the people who would have done such a thing knew damned well nobody would be looking that close), but it's traceable, as noted in the article. You already know that when going in. The operation is finite. You have "X" amount of time to infiltrate and activate the code, or cause it to be activated by expected operating environment behavior; which in my estimation would be the preferred method of activation.

Use that time wisely.

Cheers,

Kennith
 

ezzzzzzz

Well-known member
Apr 22, 2010
SE Va
Proper firewalls and administration of same are used to stop this type of infiltration. Records would show a particular PC or server sending out packets to a given address. Algorithms would alert the admin. A good admin would see the traffic pattern anyhow. The firewall would not allow the specific IP to be seen in the outside world and any hacking attempts would be found, again by algorithms or a good admin, and blocked. I gave 22 years in IT and cybersecurity for the DoD. This is nothing new and hardly a threat unless there is no boundary. The biggest threat is and always has been the insider walking out with data.
 

kennith

Well-known member
Apr 22, 2004
North Carolina
Proper firewalls and administration of same are used to stop this type of infiltration. Records would show a particular PC or server sending out packets to a given address. Algorithms would alert the admin. A good admin would see the traffic pattern anyhow. The firewall would not allow the specific IP to be seen in the outside world and any hacking attempts would be found, again by algorithms or a good admin, and blocked. I gave 22 years in IT and cybersecurity for the DoD. This is nothing new and hardly a threat unless there is no boundary. The biggest threat is and always has been the insider walking out with data.

That's mostly accurate.

I was specifically asked how I'd go about remotely damaging a server in the thought experiment presented. Nothing else needed to happen, so it was a pretty simple affair to invent a scenario.

In the examples they're giving, it depends on what boards were affected and how they were used, in regard to whether or not any information would be retrievable remotely. There are about a million and one ways to do it without ever interacting with a firewall or causing any notifications to be sent; but you're going in different directions with each.

The weak link is always the human, though; and in that industry, it's easy to score as many as you need.

I'd wager that, if this did happen, these were installed for future physical access. That makes the most sense. Pepper server farms with them, and then go after whatever it is you want. You don't have to do it that way, but less information about the site is required to get the job done.

It could just be a drag net situation, but that's not an entertaining discussion for the same reason nobody carries a .22 in a zombie film.

Cheers,

Kennith
 

ERover82

Well-known member
Nov 26, 2011
Darien Gap
In the examples they're giving, it depends on what boards were affected and how they were used, in regard to whether or not any information would be retrievable remotely. There are about a million and one ways to do it without ever interacting with a firewall or causing any notifications to be sent; but you're going in different directions with each.

How is information going to be transferred without using the network? Wireless isn't an option. USB sticks wouldn't need a hidden chip, and would be obvious. There's only a couple pathways for data to enter or exit a computer, or a network. Even a disguised gateway would be subject to network snooping/security tools.
 

p m

Administrator
Staff member
Apr 19, 2004
La Jolla, CA
www.3rj.org
Proper firewalls and administration of same are used to stop this type of infiltration. Records would show a particular PC or server sending out packets to a given address. Algorithms would alert the admin. A good admin would see the traffic pattern anyhow. The firewall would not allow the specific IP to be seen in the outside world and any hacking attempts would be found, again by algorithms or a good admin, and blocked. I gave 22 years in IT and cybersecurity for the DoD. This is nothing new and hardly a threat unless there is no boundary. The biggest threat is and always has been the insider walking out with data.

And this is exactly how it was discovered, by Apple and by Amazon. They do have good IT people, and a lot of it.
However...
The chip may lay dormant for a long time, and become active for a few milliseconds to reset, say, admin credentials. The attack (or data grab) can then happen from a benign, non-blocked, non-monitored IP address/port combination. It does not take a long time to inflict considerable damage.

To have an idea of IP traffic to/from a regular home computer, get yourself a copy of Wireshark and enjoy the show.
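A defender-side illustration of the two checks described in ezzzzzzz's post and in p m's reply above: the records that show which server sent packets to which outside address, reviewed against a per-host baseline of expected destinations, plus a check for the fixed-interval call-home traffic that a periodically waking implant would leave behind. This is an added example, not code from the thread or from any company in the article; the flow-record layout, the sample records, the baseline and the jitter threshold are all constructed for the demonstration.

```python
"""
Egress-flow review.

Two findings are produced from a set of outbound flow records:
  1. a host contacting an external destination that is not in its baseline
  2. a (src, dst, port) pair whose flows arrive at nearly constant intervals

Record layout (constructed, not any vendor's export format):
  "<ISO timestamp> <src_ip> <dst_ip> <dst_port> <bytes_out>"
"""
from collections import defaultdict
from datetime import datetime
from ipaddress import ip_address, ip_network
from statistics import mean, pstdev

# Constructed sample records. Host .21 talks to an internal service and,
# every ten minutes, to an outside address it has no business reaching.
# Host .22 pushes backups to a known external destination at irregular times.
SAMPLE_FLOWS = """\
2018-10-04T02:00:00 10.0.5.21 10.0.9.8 443 1200
2018-10-04T02:00:05 10.0.5.21 198.51.100.40 443 310
2018-10-04T02:10:05 10.0.5.21 198.51.100.40 443 312
2018-10-04T02:20:04 10.0.5.21 198.51.100.40 443 309
2018-10-04T02:30:06 10.0.5.21 198.51.100.40 443 311
2018-10-04T02:40:05 10.0.5.21 198.51.100.40 443 310
2018-10-04T02:15:00 10.0.5.22 203.0.113.7 443 48000
2018-10-04T02:33:00 10.0.5.22 203.0.113.7 443 51000
2018-10-04T03:02:00 10.0.5.22 203.0.113.7 443 47500
"""

# Address space considered internal (constructed for the example).
INTERNAL_NETS = [ip_network("10.0.0.0/8")]

# Per-host baseline of destinations that are expected (constructed).
BASELINE = {
    "10.0.5.21": {"10.0.9.8"},
    "10.0.5.22": {"203.0.113.7"},
}


def parse_flows(text):
    """Parse the constructed record layout into a list of dicts."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, port, nbytes = line.split()
        flows.append({"ts": datetime.fromisoformat(ts), "src": src,
                      "dst": dst, "port": int(port), "bytes": int(nbytes)})
    return flows


def is_internal(ip):
    return any(ip_address(ip) in net for net in INTERNAL_NETS)


def new_external_destinations(flows, baseline):
    """Map src -> set of external destinations absent from that host's baseline."""
    found = defaultdict(set)
    for f in flows:
        if is_internal(f["dst"]):
            continue
        if f["dst"] not in baseline.get(f["src"], set()):
            found[f["src"]].add(f["dst"])
    return dict(found)


def beacon_candidates(flows, min_flows=4, max_jitter_ratio=0.05):
    """Return (src, dst, port) tuples whose inter-flow gaps are nearly constant.

    The jitter ratio (standard deviation / mean gap) and the minimum flow count
    are tuning knobs chosen for the sample; real traffic needs a longer window.
    """
    by_pair = defaultdict(list)
    for f in flows:
        by_pair[(f["src"], f["dst"], f["port"])].append(f["ts"])
    candidates = []
    for pair, stamps in by_pair.items():
        if len(stamps) < min_flows:
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_jitter_ratio:
            candidates.append(pair)
    return candidates


def review(text, baseline):
    """Run both checks and return the findings as one dict."""
    flows = parse_flows(text)
    return {
        "unexpected_destinations": new_external_destinations(flows, baseline),
        "beacon_candidates": beacon_candidates(flows),
    }


if __name__ == "__main__":
    for kind, hits in review(SAMPLE_FLOWS, BASELINE).items():
        print(kind, hits)
```

Both checks depend on having the records in the first place: the baseline only works if egress is logged per host, and the interval check is deliberately a weak signal on its own, which is why the two are reported together rather than either one being treated as proof.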
 

kennith

Well-known member
Apr 22, 2004
North Carolina
How is information going to be transferred without using the network? Wireless isn't an option. USB sticks wouldn't need a hidden chip, and would be obvious. There's only a couple pathways for data to enter or exit a computer, or a network. Even a disguised gateway would be subject to network snooping/security tools.

That's not something I'm going to get into here, but I promise you can figure out a few if you put your mind to it.

You're just thinking too far up the ladder. We all do nowadays.

Cheers,

Kennith
 

Ballah06

Well-known member
Jan 21, 2007
Savannah, GA
Proper firewalls and administration of same are used to stop this type of infiltration. Records would show a particular PC or server sending out packets to a given address. Algorithms would alert the admin. A good admin would see the traffic pattern anyhow. The firewall would not allow the specific IP to be seen in the outside world and any hacking attempts would be found, again by algorithms or a good admin, and blocked. I gave 22 years in IT and cybersecurity for the DoD. This is nothing new and hardly a threat unless there is no boundary. The biggest threat is and always has been the insider walking out with data.

Problem with 'regular' DoD IT and the programs they use, at least from an IT outsider but user perspective, is just the amount of barriers it takes to get stuff done. Not talking even about complex issues, but even simple things. It's like you are stuck in first gear non-stop. Go to the G6 and keep filling out forms... Want unimproved software? Act of God... Tons of contractors and GS types who seemingly know nothing about IT who are the 'go to'. Sorry for venting.
 

ERover82

Well-known member
Nov 26, 2011
Darien Gap
That's not something I'm going to get into here, but I promise you can figure out a few if you put your mind to it.

You're just thinking too far up the ladder. We all do nowadays.

Cheers,

Kennith

You watch too many movies. The way it was detected was down the ladder, back on earth.
 

kennith

Well-known member
Apr 22, 2004
North Carolina
You watch too many movies. The way it was detected was down the ladder, back on earth.

Man, I've had enough of your shit. You're a fucking moron.

Read my post again. I literally just told you that you're thinking too high up.

I figured we just disagreed on flashlights and I was having fun with it, but if this is your response to my post, you have no critical thinking ability whatsoever.

This is NOT a subject that should be explored here. Period. If you can't be bothered to do it yourself, you will remain ignorant and clearly illiterate.

Now, that may be a personal deficit. You may have some learning disability. That's fine, but don't give other people advice, or enter conversations for which you are intellectually unprepared.

Cheers,

Kennith
 

ERover82

Well-known member
Nov 26, 2011
Darien Gap
Hopefully you share just one of those "million" ways to transfer information undetected. While you're at it, you recently claimed USB sucks in another thread. Genuinely interested.
 

kennith

Well-known member
Apr 22, 2004
North Carolina
Hopefully you share just one of those "million" ways to transfer information undetected. While you're at it, you recently claimed USB sucks in another thread. Genuinely interested.

I ain't sharing that publicly, or even privately beyond a select few people. You'll need to read up on the fundamentals on how computers actually function and take it from there.

As for USB, in a nutshell:

1: It's only good for about six feet before you have to get clever.

2: This is changing somewhat, but the connectors suck. For twenty fucking years or so we've all had to attempt to plug them in three times before we get it right.

3: Despite promises, even to this day it doesn't function overly well without a modern operating environment.

4: It's highly bandwidth limited. There have been better ways to handle this stuff. Now, that's improving as well, but when it takes this long, you've got a bad innovation.

5: The "universal" aspect isn't always so "universal".

6: I don't care how much technology they squeeze in there, you just need more copper than that for a reliable connection. The tiny connectors, while acceptable for phones and things of that nature, do not allow for fat enough wire.

It basically sucks for the same reasons HDMI sucks.

Cheers,

Kennith
 

kennith

Well-known member
Apr 22, 2004
North Carolina

Not too many people know, and that's the point. They could know, but they have no reason to even consider it.

You're still barking up the wrong tree, and that's the last thing I'll say on the subject.

Cheers,

Kennith
 

kennith

Well-known member
Apr 22, 2004
North Carolina
So have we bombed China to teach them a lesson or did we just write hand wringing articles?

No telling what happened or didn't happen.

That Bloomberg "report" followed the popular "I heard it from my sister's cousin's hairdresser" model.

Just because it can be done doesn't mean it was done.

Hell, for all we know it's a security feature.

Cheers,

Kennith