Apple, one of the largest tech companies that continue to grow across the globe has recently taken some drastic actions to improve their cyber security, going as far as to begin building their own server infrastructure. While Apple migrates to more secure servers, they recently dropped and returned hardware to one of their largest server providers, Supermicro, after a security incident that happened mid-2016. Malware-infected firmware was reportedly detected within an internal development environment for Apple’s App Store, as well as some production servers handling queries for Apple’s Siri service.
According to The Information (paywall), an Apple spokesperson has denied there was any security incident. However, Supermicro’s senior vice-president of technology, Tau Leng, said that Apple had ended their relationship with Supermicro after they discovered a compromised system in the App Store development environment. Leng also confirmed that Apple had returned some of their equipment it had recently purchased from the supplier. An anonymous source was cited as the source of the information regarding Apple’s infected Siri servers.
Apple has used a variety of companies’ data centers and server hardware for a majority of their life, as they’ve never used their own datacenters, including servers from HP and storage from NetApp. Just a few years ago, Apple added Supermicro to their lineup as a supplier for a portion of its development data centers infrastructure.
While Apple cuts off one of their suppliers, they continue to move towards more custom hardware, much like other giant tech companies and cloud providers. The reason more and more companies continue to move towards custom built hardware is due to the increasing threat of their hardware being intercepted during shipment. It’s widely known that the US government alongside bad actors have been able to intercept shipments and infect hardware before reaching the customer’s doorstep.
Leng told The Information that Apple is the only company to report the firmware issue, and said that that server model is used by thousands of their customers. He stressed that when Supermicro asked Apple’s engineers to provide information regarding the infected firmware, they gave an incorrect version number, then refused to provider further information.