AWS CEO Jassy: 'Bloomberg Should Retract' China Spy Story


Amazon Web Services CEO Andy Jassy is joining Apple CEO Tim Cook in calling for Bloomberg to retract a major report from earlier this month, which alleges that servers used by the companies were compromised by Chinese intelligence services.

Both Apple and AWS had issued strong denials of the Bloomberg Businessweek story prior to their CEOs speaking out. Last week, Cook called for a retraction of the Bloomberg story in an interview with BuzzFeed News.

[Related: Read: Full Denials From AWS And Apple Of China Server Hack Report]

In a tweet Monday, Jassy said that Cook "is right" in his position.

Sponsored post

"Bloomberg story is wrong about Amazon, too," Jassy wrote in the tweet. "They offered no proof, story kept changing, and showed no interest in our answers unless we could validate their theories. Reporters got played or took liberties. Bloomberg should retract."

@tim_cook is right. Bloomberg story is wrong about Amazon, too. They offered no proof, story kept changing, and showed no interest in our answers unless we could validate their theories. Reporters got played or took liberties. Bloomberg should retract.

— Andy Jassy (@ajassy) October 22, 2018

Messages to Bloomberg were not immediately returned on Monday. "We stand by our story and are confident in our reporting and sources," Bloomberg told BuzzFeed last week.

The Bloomberg Businessweek report contended that server motherboards made by San Jose, Calif.-based Supermicro, which were eventually used by companies including AWS and Apple, were compromised with malicious hardware during manufacturing.

The servers were implanted with tiny microchips that were intended to transmit sensitive data to Chinese spies, according to Bloomberg.

Apple's response has included letters to the House and Senate commerce committees, saying that its internal investigations haven't corroborated the Bloomberg piece.

"There is no truth in their story about Apple," Cook told BuzzFeed last week.

Servers manufactured by Supermicro for Elemental Technologies—which Amazon acquired in 2015—were among those found with the malicious hardware implanted by China, according to the Bloomberg report.

Previously, AWS chief information security officer Steve Schmidt wrote in a post that the report is "untrue" as it relates to Amazon.

"At no time, past or present, have we ever found any issues relating to modified hardware or malicious chips in SuperMicro motherboards in any Elemental or Amazon systems," Schmidt wrote in the post on the AWS website.

Along with Apple and AWS, Supermicro has also repeatedly denied the accuracy of the Bloomberg report.

In addition, the U.S. Department of Homeland Security has released a statement showing support for the rebuttals issued by Apple and AWS.

In a follow-up story this month, Bloomberg reported that a major U.S. telecommunications company, which was not identified by name, discovered and removed a compromised Supermicro server in August.

But Supermicro also denied the claims of that report, and U.S. telecoms including Verizon, AT&T, T-Mobile and Sprint have said they were not affected.

Supermicro CEO Charles Liang Monday issued a statement saying that the Bloomberg reports have "created unwarranted confusion and concern for our customers, and has caused our customers, and us, harm."

"Bloomberg should act responsibly and retract its unsupported allegations that malicious hardware components were implanted on our motherboards during the manufacturing process," Liang said in the statement, provided to CRN. "The allegations imply there are a large number of affected motherboards. Bloomberg has not produced a single affected motherboard, we have seen no malicious hardware components in our products, no government agency has contacted us about malicious hardware components, and no customer has reported finding any malicious hardware components, either."