DHS Press Secretary on Recent Media Reports of Potential Supply Chain Compromise

So basically Apple stated that they have not found anything and are not aware of FBI investigation and DHS confirmed Apple has not found anything and is not aware of FBI investigation. There is no statement that DHS has not found anything. The rest of the statement is water about DHS taking it's job seriously.

&gt; Information and communications technology supply chain security is core to DHS’s cybersecurity mission<p>How true is this? I know US-CERT is within DHS, but what else does DHS do in this area?<p>I did a bit of searching and found <a href="https:&#x2F;&#x2F;fcw.com&#x2F;articles&#x2F;2018&#x2F;02&#x2F;14&#x2F;dhs-supply-chain-security.aspx" rel="nofollow">https:&#x2F;&#x2F;fcw.com&#x2F;articles&#x2F;2018&#x2F;02&#x2F;14&#x2F;dhs-supply-chain-securit...</a>, which seems to imply that until 8 months ago, DHS wasn&#x27;t doing much (or anything) in this area. If that&#x27;s the case, I don&#x27;t see how a statement from them regarding supply chain security can carry any weight. You don&#x27;t go from nothing to being an expert in 8 months.

The Bloomberg report talked about how investigators tracked phone calls inside China, presumably by hacking and compromising Chinese telecom infrastructure. I don&#x27;t see how, even if true, the US government would own up to something like that, esp. when it is accusing China of hacking. Imagine the headlines that would generate if the Chinese admitted to doing the same to the US (tapping US calls without a court order and with the potential power to shut down the infrastructure in time of conflict). It would be a bigger deal than planting chips on a few motherboards. The whole story smells of fog of war.

What are people’s thoughts on investing in supermicro. If this story turns out to be false are they undervalued at the moment?

In this day and age it’s quite ironic for any country to say that they don’t hack other countries. China will hack, Russia will hack, japan will hack and USA will definitely hack.<p>It’s not just about control. It’s about corporate advantage as well.

If a real supply chain attack was actually happening sponsored by a foreign government, the US would flag it top secret and never release the details. I find it highly incredulous for DHS, or any US government agency, to publicly denounce such attacks as a non-issue... If anything, the report by Bloomberg is confirming what alot of people already suspected would happen or has already happened.

Suppose somebody had access to a potentially compromised motherboard exhibiting strange behavior on the network.<p>How would one go about analyzing it?<p>Who would be on the so-called dream team?<p>Asking for a friend.

Not taking a side, what the heck is the chip in the photos if the story is inaccurate?

So, both the British and US governments are on the record confirming Apple and Amazon&#x27;s statements. The next step should be Bloomberg&#x27;s internal investigation so they can figure out how that story got published without any corroborating evidence. Supermicro&#x27;s stock took a beating and now they will have a legal case against Bloomberg.

&gt; “... [we] are committed to the security and integrity of the technology on which Americans and others around the world increasingly rely.”<p>Snowden showed us otherwise.