Two servers that had been manufactured in China were brought in for a warranty repair. Much to the engineers’ confusion, a routine check revealed that small unknown implants had been placed on the two servers’ motherboards.
This case may sound familiar, that’s probably because it is nearly identical to the Supermicro server hack in China that Bloomberg reported in Q4 last year. This implant-based attack, however, happened more than 12 years earlier. Brushed aside as an atypical attack, a cyber security solution to the problem took the back burner.
The Supermicro attack is not the first of its kind, and it certainly won’t be the last.
History Repeats Itself
We first heard about the case in 2006, around the time Steven Chen, CEO and Co-Founder of PFP Cybersecurity, sold 3eTI, an Intel Capital portfolio cybersecurity and wireless company for secure Wi-Fi. At the time, there was no commercially available solution to prevent this type of supply chain tampering and very little information was known about implant-based attacks.
Only a few years later, Steven encountered a potential non-intrusive solution to the implant-based attack – the power fingerprinting technology being developed by Dr. Carlos Aguayo Gonzalez, CTO and Co-Founder of PFP Cybersecurity, at Virginia Tech.
Soon after, PFP Cybersecurity was born, with the capability to detect with extreme accuracy when unauthorized modifications such as hardware Trojans or counterfeit parts have compromised the integrity of an electric system. Through Power Fingerprinting, an intrusion detection solution based on observing tiny patterns on the processor power consumption, PFP could determine whether a board or device has deviated from expected operation obtained from baseline references.
In 2010, the same year Steven encountered the power fingerprinting technology, another puzzling implant-based attack emerged. This attack, the computer worm Stuxnet, was heavily publicized, and while Ralph Langner warned of the potential for a complex zero-day hack like Stuxnet to target companies in the U.S., the threat to industrial control or PLC, programmable logic controller, was not universal and the attack was not seen as the norm. Therefore, despite having a readily available solution and preventative measure to attacks like Stuxnet, PFP’s power fingerprinting technology did not catch on and companies were unwilling to devote time and energy toward PFP.
“Usually with a new technology like PFP, we need a compelling event. Sometimes a single event will make a cybersecurity company because it was something that nobody thought would be useful, and suddenly there’s one event and there’s no other solution to deal with it.”Steven Chen, Co-Founder and CEO, PFP Cybersecurity
The Supermicro hack was PFP’s compelling event. Since the Bloomberg story came out last year, PFP has become an official security partner for Supermicro and begun working with Keysight Technologies and ARM to implement our technology in their chips and instruments.
The Bloomberg story is a departure from past attacks because the hack and the massive potential for how micro implants can tamper with supply chains and endanger data centers affects almost every major company that utilizes cloud services. The installation of a microchip the size of a sharpened pencil tip had the power to affect almost 30 companies, including a major bank and Apple, in addition to government contractors, according to Bloomberg.
Before when it came to attacks like Stuxnet, which involved ICS and PLC, people typically said that the issue had nothing to do with them personally. Now that the attack has shown it can affect data centers that make up the cloud, every company is a potential target.
The global public cloud services market is projected to grow 17.5 percent in 2019 to total $214.3 billion, and is expected to reach $331.2 billion by 2022, according to Gartner, Inc.
Not only is the market expected to rapidly expand, but the rate of growth exceeds that of the IT industry as a whole. “Through 2022, Gartner projects the market size and growth of the cloud services industry at nearly three times the growth of overall IT services,” said Sid Nag, research vice president at Gartner.
As the cloud services market grows exponentially, so does the threat to the security of the data centers that host those services. PFP’s scalable, non-intrusive cyber security solution meets the market demand to address this rapidly growing threat.