It has ‘no reason to doubt’ Apple and Amazon’s denials
以下内容由机器翻译生成。如果您觉得可读性不好, 请阅读原文或 点击这里.
The UK’s top national cybersecurity agency GCHQ 告诉 路透社 on Friday that it didn’t see any reason to question the validity of Apple and Amazon’s denials that their servers were compromised following a meteoric report from 彭博 on Thursday. The report claimed that Chinese spies were able to place microchips in the companies’ servers, allegedly giving the Chinese government backdoor access to some of the largest cloud platforms in the world.
The GCHQ, which is the UK’s equivalent to the US National Security Agency (NSA), didn’t call for an investigation into the claims, but it requested that anyone with information about the alleged attack reach out. In its response to 路透社, the GCHQ said, “We are aware of the media reports but at this stage have no reason to doubt the detailed assessments made by AWS and Apple,” said the National Cyber Security Centre, a unit of GCHQ.
“The NCSC engages confidentially with security researchers and urges anybody with credible intelligence about these reports to contact us,” it said.
Despite the unconcerned reaction from the British spy agency, American lawmakers are getting fired up over the reporting; some are even calling for an outright investigation. A spokesperson for Rep. Tom Cotton (R-AR) 告诉 Politico on Thursday that, “It’s past time for American companies to wake up and realize that [Chinese President] Xi Jinping and his cronies view private enterprise as ‘fair game’ in their subversive campaign against our nation.”
Sen. Mark Warner (D-VA), who called Chinese hardware companies ZTE and Huawei “national security threats” this summer, 告诉 Politico that the report “provides more evidence that China’s pattern of behavior is a serious threat to national security and supply chain risk management.”
Rep. Frank Pallone (D-NJ), the ranking member of the Energy and Commerce Committee, was the most assertive, calling the report “deeply disturbing,” and requesting a congressional investigation in a statement to 彭博.
There are a whole bunch of plausible explanations that don’t require fraud. There was no fraud involved in #badbios or it’s journalistic coverage, and dozens of experts (correctly) confirmed to reporters it was technically plausible.
— Tavis Ormandy (@taviso) October 5, 2018
Many in the cybersecurity world have also questioned the report. Tavis Ormandy, a star researcher at Google’s Project Zero, argued on Twitter that the reporting might be overblown, saying, “there are a whole bunch of plausible explanations that don’t require fraud.”