Chinese Accused of Hiding 'Backdoor' for Hackers in Computer Chips Used in Military Equipment: Experts Refute Claim

Researchers are alerting the appropriate officials to a recent vulnerability they have found in computer chips used in everything from aircraft to laptops that could leave them open to the exploits of hackers. There has been speculation that the "backdoor" was purposely placed in these chip while being made in China, but many experts -- including the researchers who discovered the vulnerability -- say this is highly unlikely.

The Guardian states the backdoor is in systems such as the Boeing 787 Dreamliner, drones, surveillance equipment, and other military, medical and communications products. The chip by U.S. manufacturer Actel (also going by Microsemi) -- produced in China -- has a loophole that Sergei Skorobogatov with Cambridge University and Chris Woods with Quo Vadis Labs say would allow the hacker to "disable all the security on the chip, reprogram cryptographic and access keys … or permanently damage the device."

Skorobogatov and Woods speculate Actel included the "backdoor" at the onset of the chip's design.

Here's more from the Guardian about the security issue:

Rik Ferguson, director of security research at the online security company Trend Micro, said: "This kind of flaw that gives somebody access right into the device has inherent flaws. The fact that it's in the hardware will certainly make it harder – if not impossible – to eradicate. We're already seeing a steady flow of devices such as digital picture frames coming out of factories with malware already on them – but that's software which can be fixed. If you have this sort of flaw, then you need to replace the hardware, which means the chips."

[...]

"It was very likely done at the design stage," said Woods. "However, the traces left in the Actel development software suggest that this feature was well thought through from the very beginning."

There was speculation this back door was put in place at the manufacturing stage, suggesting it occurred in China where the chip is made. Woods told the Guardian he thinks this is an unlikely scenario. The Errata Security blog also considers this a "bogus" claim. According to the blog, backdoors such as this are relatively common and "rarely malicious." Robert Graham writes on Errata Security:

About 20 percent of home routers have a backdoor in them, and 50 percent of industrial control computers have a backdoor. The cause of these backdoors isn't malicious, but a byproduct of software complexity. Systems need to be debugged before being shipped to customers. Therefore, the software contains debuggers. Often, programmers forget to disable the debugger backdoors before shipping.

[...]

Whereas companies (should) disable the debug feature in the version they send to customers, that's not so easy with chips. It requires millions of dollars for every change to chip design.

Graham also speculates that the Actel designed this backdoor from the beginning but probably considered it more of a "debugging feature, rather than a backdoor." He writes, that while the two Cambridge researchers did in fact find a vulnerability, "they only offer speculation, but no evidence as to the source of the backdoor."

In a Q&A with Business Insider, Skorobogatov responds to the reference of China's involvement with the vulnerability saying he is not sure where or how the country entered the picture with this discovery. He said, "we have no idea why people have linked the Chinese to this as it did not come from us." Still, Skorobogatov maintains that the backdoor could have "huge implications for National Security and public infrastructure."

Actel has not yet not responded to the Guardian's request for comment.

Featured image for this post via Electronic Design.