Bloomberg Businessweek on Thursday cited 17 unnamed intelligence and company sources as saying that Chinese spies had placed computer chips inside equipment used by around 30 companies, as well as multiple USA government agencies, which would give Beijing secret access to internal networks.
"The NCSC engages confidentially with security researchers and urges anybody with credible intelligence about these reports to contact us", it said.
When the story broke last week, though, the USA intelligence agencies were quiet, but the Department of Homeland Security stepped in over the weekend to say that although the agency is aware of Bloomberg's report, it has "no reason to doubt" the statements made by the two companies.
The Department of Homeland Security said this weekend it had "no reason to doubt" denials from Apple and Amazon of a report that Chinese spies placed surveillance chips in their server hardware.
"The Department of Homeland Security is aware of the media reports of a technology supply chain compromise", DHS said in a statement.
The compromised boards in question were supposedly manufactured by Super Micro Computer Inc., a company that denied Bloomberg's reporting in the standard press release format.
Heat-Butler talks sizzled, fizzled, with Richardson reportedly in play
Miami always desires to be a destination for the NBA's elite players, and having Butler in tow helps with that goal. He has listed the LA Clippers , Brooklyn Nets and New York Knicks as teams he would like to re-sign with.
Given that this story is too huge to just sweep under the rug, denials came in swiftly from both Amazon and Apple.
Apple has also supplied a letter to US Congress at this point, stating that no evidence was found to support claims of tampered motherboards.
Apple and Amazon, two companies identified as victims of the hack, refuted Bloomberg's claims in statements on their websites.
And it's notable what hasn't happened in the four days since Bloomberg published his story. It said that US investigators had found that Chinese agents operating on behalf of the People's Liberation Army had used a combination of subterfuge, bribery, and threats to insert the compromising chips during various stages of Supermicro's supply chain, after which point they would have been almost impossible to detect and given backdoor access to the systems they were implanted in.
"In essence, this story seems to pass the sniff test", says Theo Markettos, who is on the security team at Cambridge University's Computer Lab.
"Bloomberg's story further alleged that Amazon sold off its entire data infrastructure in Beijing to Chinese partners, which a source familiar with the move described as akin to "[hacking] off the diseased limb", and that Apple replaced all 7,000 or so Supermicro servers in its data centres.
"It is technically plausible", Jake Williams, a former member of the U.S. National Security Agency's hacking unit who now runs security consultancy Rendition Infosec in Augusta, Georgia, said in a Thursday web conference, the Register reports.