Nested on the servers’ motherboards, the testers found a tiny microchip, not much bigger than a grain of rice, that wasn’t part of the boards’ original design. Amazon reported the discovery to U.S. authorities, sending a shudder through the intelligence community. Elemental’s servers could be found in Department of Defense data centers, the CIA’s drone operations, and the onboard networks of Navy warships. And Elemental was just one of hundreds of Supermicro customers.
interdiction, consists of manipulating devices as they’re in transit from manufacturer to customer. This approach is favored by U.S. spy agencies, according to documents leaked by former National Security Agency contractor Edward Snowden. The other method involves seeding changes from the very beginning.
In emailed statements, Amazon (which announced its acquisition of Elemental in September 2015), Apple, and Supermicro disputed summaries of Bloomberg Businessweek’s reporting.
The Chinese government didn’t directly address questions about manipulation of Supermicro servers, issuing a statement that read, in part, “Supply chain safety in cyberspace is an issue of common concern, and China is also a victim.” The FBI and the Office of the Director of National Intelligence, representing the CIA and NSA, declined to comment.
+++++++++++++
more on hackers in this IMS blog
https://blog.stcloudstate.edu/ims?s=hacker
FBI Warns Educators and Parents About Edtech’s Cybersecurity Risks
https://www.edsurge.com/news/2018-09-14-fbi-warns-educators-and-parents-about-edtech-s-cybersecurity-risks
The FBI has released a public service announcement warning educators and parents that edtech can create cybersecurity risks for students.
In April 2017, security researchers found a flaw in Schoolzilla’s data configuration settings. And in May 2017, a hacker reportedly stole 77 million user accounts from Edmodo.
Amelia Vance, the director of the Education Privacy Project at the Future of Privacy Forum, writes in an email to EdSurge that the FBI likely wanted to make sure that as the new school year starts, parents and schools are aware of potential security risks. And while she thinks it’s “great” that the FBI is bringing more attention to this issue, she wishes the public service announcement had also addressed another crucial challenge.
“Schools across the country lack funding to provide and maintain adequate security,” she writes. “Now that the FBI has focused attention on these concerns, policymakers must step up and fund impactful security programs.”
According to Vance, a better approach might involve encouraging parents to have conversations with their children’s’ school about how it keeps student data safe.
++++++++++
more on cybersecurity in this IMS blog
https://blog.stcloudstate.edu/ims?s=cybersecurity
A Voice Cuts Through, and Adds to, the Intrigue of Russia’s Cyberattacks
++++++++++++++++++++
more on Eastern European hackers in this IMS blog:
https://blog.stcloudstate.edu/ims/2016/06/22/ukrainian-hacker-and-fbi/
More on hackers and crackers in this blog:
https://blog.stcloudstate.edu/ims?s=hacker