At the Security Analyst Summit this year in Singapore, Threatpost editor Tara Seals catches up with Joe FitzPatrick, researcher with Securing Hardware, who led a session during the conference about "A Measured Response to a Grain of Rice: An Implant in the Shell"
After a 2019 Bloomberg report alleged that a spy chip was implanted on Supermicro servers and eventually made it into the supply chain of several high-profile cloud vendors, supply chain was thrown to the forefront. (The report was strongly refuted by Supermicro, Amazon and Apple).
FitzPatrick talks about what stood out to him about the report- and what didn't make sense - as well as the risks of supply chain that end users should focus on.