WASHINGTON • China secretly inserted surveillance microchips into servers used by major technology companies, including Apple and Amazon, in an audacious military operation likely to further inflame trade tensions between the United States and its leading source of electronics components and products, Bloomberg Businessweek has reported.
The Thursday article detailed a sweeping, years-long effort to install the surveillance chips in servers whose motherboards - the brains of the powerful computers - were assembled in China.
One affected company had its servers used by US government clients, including Department of Defence data centres, navy warships and the Central Intelligence Agency in its drone operations.
The extent of the data China collected from the surveillance chips was not clear from the report, and no consumer information was known to have been stolen, according to Bloomberg Businessweek.
But it said a top-secret US government investigation, dating from 2015 and involving the Federal Bureau of Investigation (FBI), remains open.
The report cited 17 unnamed sources, including industry insiders and current and former US officials. The Chinese government, Apple, Amazon and other involved companies disputed the report to Bloomberg Businessweek, and the FBI and US intelligence officials declined to comment.
One US official told The Washington Post that the thrust of the reporting was accurate.
President Donald Trump last month alleged that China was meddling in the US mid-term elections.
The two countries are locked in a bitter and escalating trade war, in which hundreds of billions of US and Chinese products are under tariff.
The reported manipulation of electronics supply chains to US companies are certain to sharpen longstanding questions about the crucial but uneasy relationship between the world's two leading economies.
American companies design and sell leading technology products such as servers, laptop computers and smartphones, but they are built and assembled largely in China.
US officials have long worried about the potential for altered microchips or other components to be secretly inserted into products and shipped to the US and elsewhere, opening doors to long-term spying on computer users and their information networks.
Surveillance through altered hardware is more difficult to execute than more familiar hacks to software, but the results can be harder to remedy because the components must be detected and physically removed, or use of the hardware must be discontinued.
The surveillance microchips reportedly could have connected to outside computers and secretly downloaded software to bypass security protections, such as passwords or encryption keys, stored elsewhere on the affected servers, enabling remote computerised spying.
The operation, which Bloomberg Businessweek attributed to a Chinese military unit that specialises in hacking hardware, worked by inserting a tiny, innocuous-looking microchip onto motherboards in servers produced by Supermicro, a leading supplier of such equipment based in San Jose.
The company is American but the motherboards were assembled mainly in China.
Both Apple and Amazon discovered the surveillance chips in 2015 and took steps to replace the affected servers, according to the report, which described close cooperation between US investigators and affected companies.
The report said that dozens of companies may have used sabotaged servers in their data centres before the Chinese operation was detected.
Supermicro refuted the report: "We are not aware of any investigation regarding this topic nor have we been contacted by any government agency in this regard."