Apple had long denied that it had purchased compromised servers manufactured in China that would have made it a victim to government surveillance after Bloomberg Businessweek broke the story, and now CEO Tim Cook is demanding the publication to retract its report. The publication alleged that the compromised servers, discovered as early as 2015, would have given China a backdoor into the private networks of U.S. corporations and government agencies and that Apple had severed its relationship with San Jose, California-based Super Micro as a result of this breach of trust.
“I feel they should retract their story,” Cook told Buzzfeed about the Bloomberg story. “There is no truth in their story about Apple. They need to do that right thing.” Cook also took issue at lack of evidence in Bloomberg’s report. Cook said that Bloomberg reporters did not provide his company with specific details about the chips that were alleged to have been discovered and removed.
Following Bloomberg’s report, Apple conducted a thorough internal investigation, with Cook claiming that Apple “turned the company upside down.” Ultimately, Apple was unable to find any evidence after “email searches, data center records, financial records, shipment records.”
“I was involved in our response to this story from the beginning,” Cook told Buzzfeed. “I personally talked to the Bloomberg reporters along with Bruce Sewell, who was then our general counsel. We were very clear with them that this did not happen, and answered all their questions. Each time they brought this up to us, the story changed, and each time we investigated we found nothing.”
Bloomberg claimed that Apple, Amazon, and as many as 30 U.S. businesses and government agencies, had purchased compromised servers from Super Micro that contained an embedded chip allowing Chinese surveillance. Apple, Amazon, and Super Micro also refuted Bloomberg’s story following their own internal investigations.
Cook’s denial mirrors earlier statements released by Apple Vice President of Information Security George Stathakopoulos in a prior letter sent to U.S. lawmakers addressing the issue.
“Apple’s proprietary security tools are continuously scanning for precisely this kind of outbound traffic, as it indicates the existence of malware or other malicious activity. Nothing was ever found,” he wrote in the letter to both the U.S. Senate and House of Representatives, quoted by Reuters. Apple’s assertions were previously supported by Britain’s Cyber Security Center and the U.S. Department of Homeland Security.
Bloomberg defended its story, noting that its report was a result of more than a year of investigation and conducting more than 100 interviews. “Seventeen individual sources, including government officials and insiders at the companies, confirmed the manipulation of hardware and other elements of the attacks,” Bloomberg Businessweek told Buzzfeed. “We also published three companies’ full statements, as well as a statement from China’s Ministry of Foreign Affairs. We stand by our story and are confident in our reporting and sources.”
Updated on October 19, 2018: Apple CEO Tim Cook refutes the Bloomberg story, demands a retraction.