Apple’s top security officer told Congress on Sunday that it had found no sign of suspicious transmissions or other evidence that it had been penetrated in a sophisticated attack on its supply chain.
Apple Vice President for Information Security George Stathakopoulos wrote in a letter to the Senate and House commerce committees that the company had repeatedly investigated and found no evidence for the main points in a Bloomberg Businessweek article published on Thursday, including that chips inside servers sold to Apple by Super Micro Computer allowed for backdoor transmissions to China.
“Apple’s proprietary security tools are continuously scanning for precisely this kind of outbound traffic, as it indicates the existence of malware or other malicious activity. Nothing was ever found,” he wrote in the letter provided to Reuters.
Stathakopoulos repeated Apple’s statements to the press that it never found malicious chips or vulnerabilities purposely planted in any server or been contacted by the Federal Bureau of Investigation (FBI) about such concerns. He said he would be available to brief Congressional staff on the issue this week.
The letter follows statements on Friday by Britain’s National Cyber Security Centre and on Saturday by the US Department of Homeland Security that those agencies have no reason to doubt denials from Apple and Amazon.com that they had discovered backdoored chips.
Bloomberg said on Friday it stood by its story, which was based on 17 anonymous sources. Some allegations were based on fewer accounts or even a single unnamed source, Apple noted in its letter.
A Bloomberg spokeswoman did not immediately respond to questions sent on Sunday.