Last week, Bloomberg published a lengthy report alleging a Chinese hacking attempt which it calls "the most significant known supply chain attack ever against American companies." The report goes on to detail how hackers reportedly implanted spy chips into motherboards of servers used by some 30 tech companies, including Amazon and Apple. The chips were allegedly inserted into motherboards sold by Super Micro, a server component manufacturer based in California, before those motherboards were used in servers sold to customers by various companies.
Citing various anonymous sources, the report also notes that Chinese spies had even inserted microchips into equipment used by several US government agencies. (Think the Central Intelligence Agency and the US Department of Defense.)
According to Bloomberg, these mysterious chips could be used to give China access to the US government's internal servers and to collect trade secrets and other data from the targeted American companies.
Garaffa told Radio Sputnik's Loud & Clear on Thursday that Bloomberg's investigative piece raised more questions than it answered when it was published on October 4.
"I don't believe it's true," he told hosts Brian Becker and John Kiriakou. "There have been… so many questions raised about it, and many people, including some people who talked to Bloomberg about the story, have come out and said that there are issues with the way it was covered."
One hole in the story was made evident when one of the security experts quoted in the story, Joe FitzPatrick, appeared on an episode of the Risky Biz podcast and revealed that he'd been misquoted, Garaffa told Becker, noting that Bloomberg used theoretical background FitzPatrick provided about computer hardware attacks and just ran with it.
"If a foreign government… if the US government wanted to attack a supply chain like this, there are much easier ways and much less intrusive ways to do it rather than inserting this chip on however many thousands of servers," Garaffa stressed.
Super Micro, Apple, Amazon and even the US Department of Homeland Security's Cyber Security Center have rejected Bloomberg's claims. For Super Micro, the report caused the company's stock value drop by 41 percent, CNBC reported after the story went live in the early morning hours of October 4.
Though Garaffa believes that Bloomberg's reporting harbors the essence of "sloppy journalism," he did indicate that it also offers a special twist on how the outlet joins its reporting on world affairs with the technology industry. "This is how Bloomberg covers tech stories with an international spin," he said.
Bloomberg's report came days before the US Justice Department announced on Wednesday that Chinese Ministry of State Security officer Yanjun Xu would be extradited to the United States. Xu is being accused of trying to collect intelligence on the design of jet engine fan blades from a US company, which is suspected to be GE Aviation, according to NBC News.
In response to the extradition, Chinese Foreign Ministry spokesperson Lu Kang dismissed the allegations, saying they were "made out of thin air."
