A computer chip manufactured in China that is used in US military equipment contains a secret “backdoor” that could severely compromise security, a team of scientists from Cambridge University says.
In a recent report, Sergei Skorobogatov, a senior research associate at the University of Cambridge’s computer laboratory, wrote that his team had developed silicon chip scanning technology that allowed them to investigate claims by various intelligence services worldwide that silicon chips could be infected by malware, such as Stuxnet, that can allow a third party to gain access to or transmit confidential data.
Unlike software, no means currently exist to protect hardware against viruses or Trojan horses, a critical vulnerability for defense systems that are hardware-reliant.
For its research, Skorobogatov’s team selected a chip that was manufactured in China and is used by the US military. The chip, which is prevalent in many systems used in weapons, nuclear power plants and public transport, was considered highly secure and used sophisticated encryption standards.
After performing advanced code breaking, the team found a backdoor they say had been inserted by the manufacturer.
“This backdoor has a key, which we were able to extract,” Skorobogatov wrote on his Web site, discussing what he referred to as hardware assurance. “If you use this key you can disable the chip or reprogram it at will, even if locked by the user with their own key.”
The backdoor access could be turned into an advanced Stuxnet weapon to attack potentially millions of systems, he wrote, adding that the scale and range of the attacks that could be launched using it had huge implications for national security and public infrastructure.
The Cambridge team did not specify the Chinese manufacturer, nor did it mention whether this was an isolated case or signs of a wider trend, according to the online-based The Next Web.
Reports last year claimed that the US Navy had purchased 59,000 microchips in 2010 for use in missiles and transponders that turned out to be counterfeits from China. According to Wired magazine, the fake chips also contained “backdoors” that could have allowed a third party to remotely disable them at any time, severely compromising homing systems and friend-or-foe signals used by aircraft.
The discovery prompted the Intelligence Advanced Research Projects Agency to seek ways to scan hardware — including computer chips — for the presence of malware installed during the production process.
AIMED AT TAIWAN? Institute for National Defense and Security Research research fellow Ou Si-fu said chips can be ‘bought off the shelf’ and then used in weapons The Ministry of Economic Affairs (MOEA) yesterday said that chips from Taiwanese semiconductor companies were not making their way into Chinese missiles “to the best of our knowledge.” A report in yesterday’s Washington Post alleged that a Chinese company named Phytium Technology Co (飛騰) used chips made by Taiwan Semiconductor Manufacturing Co (TSMC, 台積電), along with US software, in advanced Chinese military systems. “TSMC has long placed strict controls on their chips. The export of high-tech products from Taiwan is also highly regulated,” Minister of Economic Affairs Wang Mei-hua (王美花) said. “According to our understanding, none of the end uses for those products
‘IMPORTANT PARTNER’: The new guidelines aim to encourage US engagement with Taiwan, which reflects a deepening relationship, the US Department of State said The US Department of State on Friday issued new guidelines governing US officials’ interactions with their Taiwanese counterparts, a move welcomed by Taipei as turning a new page in bilateral relations. Shortly before leaving office, then-US secretary of state Mike Pompeo on Jan. 9 announced the cancelation of previous contact guidelines, which he said were “self-imposed restrictions” that attempted to appease the Chinese Communist Party regime in Beijing. However, the status of the guidelines has been unclear since US President Joe Biden entered the White House. Asked about the issue during a legislative session on Thursday, Minister of Foreign Affairs Joseph Wu
Those needing to travel abroad should be able to buy a COVID-19 vaccine by the end of this month at the earliest, pending an official announcement next week, Centers for Disease Control Deputy Director-General Chuang Jen-hsiang (莊人祥) said yesterday. An expected 5,000 to 10,000 doses of the AstraZeneca vaccine are to be set aside for purchase by those with a specified need to travel, said Chuang, who is also the Central Epidemic Command Center’s (CECC) spokesman. Whether doses would be limited to business travelers or could include leisure travelers needs further discussion, he said, adding that a vaccination timeline is to be
‘IDEAL FIT’: A report on Sunday said that the Canadian government threatened to pull its support and funding from the HFX if the award was given to the president The government would respect the decision of the organizer of the John McCain Prize for Leadership in Public Service on whether it plans to award a prize to President Tsai Ing-wen (蔡英文), the Ministry of Foreign Affairs (MOFA) said yesterday. The statement was issued after US Web site Politico reported a day earlier that the Canadian government had warned the Halifax International Security Forum (HFX) not to give the award to Tsai for fear of provoking Beijing. “The ministry believes that if the Halifax International Security Forum confers the prize upon President Tsai, it would be an affirmation and honor for both