Cambridge University researchers find that a microprocessor used by the US military but made in China contains secret remote access capability
A microchip used by the US military and manufactured in China contains a secret “backdoor” that means it can be shut off or reprogrammed without the user knowing, according to researchers at Cambridge University’s Computing Laboratory.
UPDATE: However, one security consultancy has said that the implication that the backdoor might have been secretly inserted by the Chinese manufacturer is “bogus”, and that malicious intent is unlikely.
In a draft paper, Cambridge University researcher Sergei Skorobogatov wrote that the chip in question is widely used in military and industrial applications. The “backdoor” means it is “wide open to intellectual property theft, fraud and reverse engineering of the design to allow the introduction of a backdoor or Trojan”, they said.
The discovery was made during testing of a new technique to extract the encryption key from chips, developed by Cambridge spin-off Quo Vadis Labs. The “bug” is in the actual chip itself, Skorobogatov wrote, rather than the firmware installed on the devices that use it, meaning there is no way to fix it than to replace the chip altogether.
“The discovery of a backdoor in a military grade chip raises some serious questions about hardware assurance in the semiconductor industry,” wrote Skorobogatov.