About the Supermicro attack so far
In the preceding article, we gave an overview of the hacking attack in which suspected agents of the People’s Republic of China inserted microchips into Supermicro motherboards at their manufacturing base in China, an uncommon kind of hardware hack.
It is believed that such extensive targeted monitoring is so difficult to pull off that IT experts regard it as “magic”. It is also the most extensive attempt that the Chinese have ever made to spy on the United States. The investigation has been going on since 2015, yet the full extent of how deep the hacking attack goes has yet to be uncovered.
So, how can you minimize exposure?
Only the big companies like Apple, Amazon, and government contractors like the Department of Defense have allegedly found the microchip in their servers so far. There are hundreds of companies that are still in the dark about how the news affects them, or whether they even have the monitoring microchip in their servers.
Some of these companies did not buy their computer servers from Supermicro directly, but because Supermicro is one of the biggest players in the industry, with 900 offices in 100 countries, it has sold to other, smaller computer hardware companies. So it is possible that these companies still have Supermicro motherboards in their servers, regardless of whether they bought them from Supermicro or not.
Furthermore, companies also need to keep following the Supermicro story, because the United States Department of Defense is yet to conclude its investigation, and thus there is no way of determining whether the attempts at spying have all been nipped in the bud or are still ongoing. Besides, with the Chinese hackers realizing how successfully they controlled the Supermicro servers and how long it took before the authorities caught on, they or some other shadowy spy organization might wish to try again.
Therefore, if you feel that your company might have purchased servers from Supermicro, either directly or indirectly, or you just want to protect your company from future cyber-attacks on your hardware or your software, then here are a few tips that you might consider.
5 Tips to Minimize Exposure to the Supermicro Hack
Tip 1. Follow the news on the Supermicro hack
It is important that you follow the news on the hack and how it affects you. For example, as we have mentioned, companies like Apple which are believed to be affected by the hack have already issued statements to refute the story. Also, several other specialists in the computer industry are already arguing that the Bloomberg story might be false. Their reasoning is that if, as the Bloomberg article mentioned, the American Department of Defense, which is listed as one of the companies that used the Supermicro systems, knew that China was carrying out (or planning to carry out) such an extensive spying mission and still allowed it to infiltrate the military, it would mean that they detected a threat to national security in a period spanning two administrations and failed to do anything about it. It is believed that more information will come up about the story in due course, and you must make sure that your company is following the news, as investigations reveal various ways that hardware hackers might use a backdoor to enter your company servers. The earlier you are able to get information on the nature of the threat, the better you are able to know if your servers have been compromised, and the easier it is for you to get more information about it.
Tip 2. Network Monitoring
Another way of minimizing exposure to a hack on the level of the Supermicro hack is through network monitoring. Network monitoring is described as “the use of a system that constantly monitors a computer network for slow or failing components”. The monitoring system tracks and logs network parameters like data transmission rate, error rate, and use time percentages.
The system then notifies the network administrators in case of outages and other troubles. Usually a monitoring system can request a page from the server or ask the server to perform an action. If that action is not performed as and when requested, the monitoring system can send a message to the system administrator, who may then decide what course of action to take on the action or inaction of the offending server. Since in the case of the Supermicro hack it is the hardware that is affected and is used to manipulate the software, a good network monitor will be able to detect if the server has been compromised in any way and will alert you to keep your data safe.
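One check a network monitor can run for this scenario, shown as an added example that is not part of the original article: flag outbound connections from monitored server or management interfaces to destinations outside an approved egress list. The flow-record format, the addresses, the host names and the function name are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample flow records ("timestamp src dst dst_port bytes").
SAMPLE_FLOWS = """\
2018-10-09T02:00:01Z 10.0.5.20 10.0.1.53 53 120
2018-10-09T02:00:04Z 10.0.5.20 192.0.2.10 443 5300
2018-10-09T02:03:11Z 10.0.9.7 203.0.113.45 443 880
2018-10-09T02:08:11Z 10.0.9.7 203.0.113.45 443 910
2018-10-09T02:09:30Z 10.0.7.99 198.51.100.8 80 400
this line is malformed
"""

# Assumed inventory: monitored server and management (BMC) interfaces.
MONITORED = {"10.0.5.20": "app-server-01", "10.0.9.7": "app-server-01-bmc"}
# Assumed egress policy: internal network plus one approved update host.
ALLOWED = [ipaddress.ip_network("10.0.0.0/8"),
           ipaddress.ip_network("192.0.2.10/32")]


def find_unexpected_egress(flow_text, monitored, allowed):
    """Return (alerts, skipped): one alert per (host, dst, port) off the allowlist."""
    hits = defaultdict(lambda: {"count": 0, "bytes": 0})
    skipped = 0
    for line in flow_text.splitlines():
        try:
            _, src, dst, port, size = line.split()
            dst_ip = ipaddress.ip_address(dst)
            port, size = int(port), int(size)
        except ValueError:
            skipped += 1          # malformed record: count it, do not crash
            continue
        if src not in monitored:
            continue              # not a host in our inventory
        if any(dst_ip in net for net in allowed):
            continue              # approved destination
        key = (monitored[src], dst, port)
        hits[key]["count"] += 1
        hits[key]["bytes"] += size
    alerts = [{"host": h, "dst": d, "port": p, **v}
              for (h, d, p), v in sorted(hits.items())]
    return alerts, skipped


if __name__ == "__main__":
    alerts, skipped = find_unexpected_egress(SAMPLE_FLOWS, MONITORED, ALLOWED)
    for alert in alerts:
        print("ALERT", alert)
    print("malformed records skipped:", skipped)
```

Repeated connections to the same off-list destination are grouped into one alert with a count, so a periodic check-in from a management interface stands out from a one-off connection.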
Tip 3. Encrypt Your Data
One way to protect your data, or minimize the risk of being hacked, even by an organization as advanced as the Chinese government, is to encrypt your data. According to the Bloomberg story which broke the news, the Supermicro hackers were looking for corporate defense secrets. In essence, they are looking for information that is usually left lying around. Therefore, it is important that you keep your information safe by using the disk encryption tools that come with the operating system of your computer. They are easy to use, and they don’t take time or slow down the server.
The modus operandi of the Supermicro hackers, if the Bloomberg story is anything to go by, was to use the microchip, which had been inserted into the system when it was built, as a backdoor to connect that server to their own servers, which had been created for that purpose. After doing this they would be able to snoop around the invaded server for the information that they want. If your system is encrypted, they will not be able to access your information or your software files.
Tip 4. A Strict Cyber-Security Policy
To minimize your risk of exposure to hackers, it is important that you get your employees on board with your cyber-security policy. Ensure that your company has a formal internet security policy in place that is specific to the kind of business that your company does.
From time to time, send company-wide emails to employees on the need to take company cyber-security seriously. Organize meetings with IT firms and IT experts so that your employees can learn more about protecting their personal information and company information from hackers. Constantly remind them about what kind of emails not to open and the websites not to visit. Sometimes hackers seed their way through private information on email servers’ apps and pop-ups, so your employees’ desks are a potential minefield for hackers.
Tip 5. Replace Your Servers
One good thing about the Supermicro hack so far is that the only server-producing company mentioned is Supermicro. To be on the safe side, you might wish to refurbish your old systems and to replace them with uncompromised ones. In fact, as a company you need to refurbish your old servers from time to time, or better still replace them with new servers. That way, if you have a piece of hardware that has been compromised, the hackers cannot use it to get your information. Indeed, according to the Bloomberg article that broke the story, it was in the process of replacing their servers that they discovered that the Supermicro system motherboards at Elemental Inc. had been compromised.
You Can Sell SuperMicro Servers
Exit Technologies is a firm that will buy your old server equipment while you order the new ones. Even if you don’t wish to sell the old ones you have, they can help you refurbish your servers so that they are free from hacker weapons like the microchip that was found in the Supermicro system.
IT firms similar to ours also know about recycling and refurbishing old servers so that they are as good as new. Consult them and let them give you information about protecting your servers from hardware hacking attacks. If the Bloomberg story is true, then the Department of Defense itself is going to be employing IT firms like this to help refurbish their instruments. In fact, in the case of organizations like that, because of the sensitive nature of the information that is contained in their servers, they might go for refurbishing rather than replacement.
Apart from servicing, recycling and refurbishing old equipment, these IT firms can also help draw up plans and IT policies that your company can use. Since they know everything about cyber security, they will be able to guide you on what steps to take so that your data is protected from hackers seeking to use the information to harm you or your company.
Cyber-Security is an Important Topic
As a business executive, it is important for you not to gloss over the matter of cyber security and cyber terrorism in your day-to-day work. If an attack happens to your business, it could negatively affect you, your employees or one of your customers.
As a private individual or a company, you can protect yourself from even the worst form of hacking, even if it is as extensive as the Supermicro hacking. All you need to do is to keep yourself up to date in the cyber terrorism industry and to protect yourself.
What’s Next in Part 3?
Now that impact minimization has been talked about, the next question that comes to mind is how companies built around Supermicro servers can maximize the value of their current Supermicro equipment. In our follow-up blog next week, we will be providing answers to this vital question.