Supermicro reaffirms security of Supermicro products, refutes Bloomberg article

Super Micro Computer, Inc. (SMCI), a global pioneer in enterprise computing, storage, networking solutions, and green computing technology, strongly refutes the accuracy of the information in a recent Bloomberg article.

Bloomberg’s allegations

Bloomberg’s story is a mishmash of disparate and inaccurate allegations that date back many years. It draws farfetched conclusions that once again don’t withstand scrutiny.

The National Security Agency told Bloomberg again last month that it stands by its 2018 comments and the agency said of Bloomberg’s new claims that it “cannot confirm that this incident or the subsequent response actions described ever occurred.”

Cyber or national security investigations

Supermicro has never been contacted by the U.S. government, partners, or customers, about alleged investigations

Despite Bloomberg’s allegations about supposed cyber or national security investigations that date back more than 10 years, Supermicro has never been contacted by the U.S. government, or by any of the partners or customers, about these alleged investigations.

Bloomberg has produced no conclusions from these alleged investigations. Nor could Bloomberg confirm to Supermicro if any alleged investigation was even ongoing. On the contrary, several of the U.S. government agencies Bloomberg claims had initiated investigations continue to use Supermicro's products and have done so for years.

Addressing the security threats

Because Supermicro recognises that security threats are constantly evolving, they are vigilant and address issues as soon as they become aware of them. For example, many years ago, an Intel employee raised a question that Supermicro was not able to verify, but out of an abundance of caution, it promptly took steps to address it.  

SUpermicro has always valued its close partnership with Intel, which has always been strong. Furthermore, the update site referenced in the Bloomberg article has been long retired in favour of newer, secure (HTTPS) technology. Finally, the cyber incidents it disclosed in 2019 were investigated, remediated, and determined not to affect its business, products, or operations.

Continuous allegations

Unfortunately, Bloomberg continues to attempt to revive its false and widely discredited 2018 story.

In response to those allegations, Supermicro has never found any malicious chips, even after engaging a third-party security firm to conduct an independent investigation on their products.

Rebutting the story  

Supermicro has never been informed by any customer or government agency that such chips have ever been found

In addition, Supermicro has never been informed by any customer or government agency that such chips have ever been found. In 2018, several public and private sector officials rebutted the story on the record.

Then-Secretary of the Department of Homeland Security Kirstjen Nielsen said they “do not have any evidence that supports the article,” then-Director of National Intelligence Dan Coats stated “we’ve seen no evidence” of manipulation of Supermicro products, Federal Bureau of Investigation Director Christopher Wray warned officials to “be careful what you read” about the 2018 Bloomberg claims, and Apple CEO Tim Cook said “it is 100 percent a lie, there is no truth to it” and urged Bloomberg to “do the right thing” and "retract their story.” The NSA said at the time it was “befuddled” by Bloomberg’s report and was unable to corroborate it.

New and improved security features

Supermicro is an American success story, founded and headquartered in San Jose, Calif., in 1993.

The quality, security, and integrity of their products are their top priority, and they constantly implement new and improved security features and processes in their business, Supermicro investigates security issues that are brought to their attention and they work to remediate any issues.