Amazon Offloaded Its Chinese Server Business Because it Was Compromised, Report Says

An anonymous reader shares a report: It looks like Amazon's move to sell off its physical server business in China last year was because the unit had been compromised by a Chinese government spying program. That's according to a report from Bloomberg which details how the Chinese government infiltrated a number of U.S. companies by sneaking tiny chips onto motherboards from Supermicro. They then became part of servers deployed by the companies giving remote operatives potential access to data. It's a huge story that includes a comparatively small but important passage shedding light on Amazon's China deal last November -- the U.S. firm sold the physical server business to local partner Beijing Sinnet for 2 billion yuan, or around $300 million. That transaction initially sparked reports that AWS would exit China, but Amazon later clarified it planned to continue to operate its cloud services in China. Selling the physical server business, it said, was down to the fact that "Chinese law forbids non-Chinese companies from owning or operating certain technology for the provision of cloud services." While it is correct that China did introduce cybersecurity laws that placed restrictions on overseas firms and appeared to give the government unprecedented access to data, the Bloomberg report claims that Amazon's China-based servers were in fact offloaded because they were plagued with compromised servers.

On one hand this discourages foreign investment

[rsilvergun]

OTOH I'm not sure China wants foreign investment. This is the same country that spent a fortune figuring out how to make pens as nice as the Germans instead of just importing the occasional nice pen. China is very nationalistic.

Re:On one hand this discourages foreign investment

[CrimsonAvenger]

Historically, China has had next to no interest in importing anything if they could possibly help it.

For the last couple millenia, their general policy was "foreigners can come here to buy our (obviously superior) goods, but we have no need of, and no interest in, their obviously inferior (since not Chinese) goods."

Typical chinese games again

[lengel]

"Chinese law forbids non-Chinese companies from owning or operating certain technology for the provision of cloud services."

Gee, I wonder why?

The government thought process is obvious: We have done it to everyone else so we know it can be done. Therefore we are going to make a law so nobody can do it to us.

Trump is right

China is the enemy.

Re:Trump is right

And you believe China is the only country doing this type of hardware hacking (or any hack for that matter)? Like the three letter agencies have so much integrity that they would never ever do such a thing? Did you ever wonder whether it was those very agencies that did it in the first place and if caught, they would have plausible deniability as well as being able to put the blame on China? As Trump once said "you think our country is so innocent?" Think outside the box a little and don't believe everything you read. The people at Bloomberg know every intimate detail of this hack, but they can never get to the bottom of who actually did the hack even though it would be so easy to follow the supply chain back directly to the attacker, but they would never go so far. Why? Because this story leads right back to those three letter agencies right here in the US of A. If caught, just blame China for it. Just because it was built in China doesn't mean they are the only ones to place blame. I'm surprised they didn't blame Russia for it. Now China and Russia are the boogie men.

Re:"Blodbank sells off blood due to contamination.

[Oswald+McWeany]

Remind me to avoid the Amazon Hospitals (tm) in the future....

If you're a member of Amazon Prime you will be guaranteed to be delivered to the afterlife in 2 days or less.

Only bad if the Chinese do it

[ArchieBunker]

Wasn't it confirmed by the Snowden leaks that Uncle Sam intercepts hardware during shipment to be compromised?

Re:Only bad if the Chinese do it

[Holi]

Wasn't the NSA found to be acting outside of its charter by intercepting US Citizens communications, like all of them.

That is the NSA working for someone's interest, but certainly not ours.

Re:Only bad if the Chinese do it

[Megol]

How about rejecting them both?

Re:Only bad if the Chinese do it

[mi]

Wasn't the NSA found to be acting outside of its charter by intercepting US Citizens communications, like all of them.

Of course. Since the times of Alan Turing, to intercept the bad guys' communications, you have to intercept all communications — and then sift through them. Of course, some of that can also be used for internal needs, such as to sabotage political enemies.

That is the NSA working for someone's interest, but certainly not ours.

That usage of NSA-intercepted traffic to help the entitled one was done by Obama, not by the NSA themselves.

Wherever your political preferences lie, the major difference between us and China are that we consider privacy a right and any invasion of it — scandalous and possibly criminal. In China (or even in India) these would hardly raise an eyebrow...

Stealth hardware has come along

[UnixUnix]

The Bloomberg link is worth reading, grain of rice -sized HW backdoor and all. Things have progressed quite a bit since 2005, when I opened up an Averatec laptop and noticed a stealth CastleNet mini comm board -- no, it wasn't on any bus or otherwise part of the architecture, it was "in the air", GLUED to the underside of the top cover, with just a cable running to the Ethernet port! Most likely injection somewhere in the supply chain. How crude, huh. What a difference 10 years can make.