By Jon Russell, techcrunch.com
It looks like Amazon’s move to sell off its physical server business in China last year was because the unit had been compromised by a Chinese government spying program.
That’s according to a report from Bloomberg which details how the Chinese government infiltrated a number of U.S. companies by sneaking tiny chips onto motherboards from Supermicro. They then became part of servers deployed by the companies giving remote operatives potential access to data. It’s a huge story that includes a comparatively small but important passage shedding light on Amazon’s China deal last November — the U.S. firm sold the physical server business to local partner Beijing Sinnet for 2 billion yuan, or around $300 million.
That transaction initially sparked reports that AWS would exit China, but Amazon later clarified it planned to continue to operate its cloud services in China. Selling the physical server business, it said, was down to the fact that “Chinese law forbids non-Chinese companies from owning or operating certain technology for the provision of cloud services.”
While it is correct that China did introduce cybersecurity laws that placed restrictions on overseas firms and appeared to give the government unprecedented access to data, the Bloomberg report claims that Amazon’s China-based servers were in fact offloaded because they were plagued with compromised servers.
One source at Amazon described the deal to Bloomberg as a decision to “hack off the diseased limb.”
Amazon refuted the claims, as did other U.S. companies named in the report as well as the Chinese government itself.
“It’s untrue that AWS knew about a supply chain compromise, an issue with malicious chips, or hardware modifications when acquiring Elemental. It’s also untrue that AWS knew about servers containing malicious chips or modifications in data centers based in China, or that AWS worked with the FBI to investigate or provide data about malicious hardware,” Amazon told Bloomberg in a statement.