The Chinese Motherboard Hack Is a Crisis, Even If It Didn’t Really Happen

It’s easy to forget in the app era, but Silicon Valley got its name from microchips. The generation that transformed orchards into Oracle did so by manufacturing electronic circuits that encrust “chips” of a semiconductor material, usually made of silicon. In the fertile purlicue south of San Francisco, the foundations of the electronic revolution were invented, designed, and manufactured. Shockley Semiconductor, Fairchild Semiconductor, Intel, and other integrated-circuit makers thrived. Computer makers who used their parts burgeoned too. Software and services came next, and then the venture capital to fund these efforts.

Today, the capital and the software remain, and some computer and device makers, too. But the integrated circuit business has largely left the region. Silicon is etched into Silicon Valley mostly in name. The reasons are many. Land, housing, and labor became more expensive. Other countries, most of them in East Asia, created incentives for semiconductor manufacture. Global just-in-time manufacturing, along with the low cost of shipping small, light microchips around the world, made vertical integration less desirable.

This is a useful lens through which to view an explosive story published this week by Bloomberg Businessweek. The report claims that Chinese spies systematically infiltrated U.S. corporate and government computer systems by installing hardware exploits on the motherboards of servers destined for widespread use, from video-streaming services to the CIA. According to Businessweek, the infected machines provided a backdoor into any network on which the machines were installed. The reporting claims that at least 30 U.S. companies were affected, including Apple and Amazon, the most valuable companies in the world. Both companies have vociferously denied the claims, but Bloomberg stands by its story.

Who is right is a matter of corporate and national security. The exploits and hacks that have rocked the tech industry in recent years would seem minor compared with a foreign state gaining stealth access to the entire networks of companies and government agencies that manage enormous volumes of sensitive information. But even if the situation turns out to be different than Businessweek’s report, the scenario outlined in the piece (or one like it) is totally plausible. That plausibility, made newly visible, could combine with an accelerant: A tough American stance on Chinese business, including President Trump’s love for tariffs and trade war, and China’s increased dedication to independence. The resulting blaze has serious implications for the American technology business, and it won’t soon burn out.

Historically, China has not been a designer or manufacturer of the integrated circuits that get printed on silicon. It imports most of them. Some of those chips are used domestically, but many are used as parts for computers, embedded systems, and other computing tools that are then exported globally. Even so, China has excelled in making large volumes of chips quickly and cheaply, and at assembling imported parts into new components or devices for export. As a result, more and more computing devices rely on Chinese manufacture in one way or another, even if China still relies on imports to fulfill those demands.

The servers at the center of the Businessweek story are made by Super Micro Computer, a Silicon Valley company with a long history. The company manufactures servers that businesses can customize for specific needs, but it imports pre-built components from China used to assemble them. If such machines have been infected at the supply-chain level, in parts assembled into final products, both seller and customer might never know. (Super Micro has also issued a strong denial of Businessweek’s account.)

Concerns about Chinese manufacturing are not new. Earlier this year, the Federal Communications Commission voted to prevent domestic telecommunications companies from using equipment made by Huawei and ZTE, two Chinese electronics manufacturers, citing national-security concerns. Separately, ZTE was caught selling electronics to Iran and North Korea in violation of U.S. economic sanctions. The Commerce Department also banned U.S. companies from selling parts to ZTE (who relies on microprocessors from Qualcomm and glass from Corning, among others). The firm agreed to pay more than $1 billion in fines to lift the ban, contingent on changes to its management and operations.

These recent precedents suggest that the table is already set for further censure of Chinese computer-parts suppliers, and the rising tensions of such a fallout. The Chinese government already has been pouring investment into the semiconductor sector in an attempt to achieve technological independence from the United States and Europe. Meanwhile, the United States remains reliant on Chinese components and assembly, as the Super Micro products affirm.

Whether or not a microcontroller backdoor turns out to have been installed somewhere in the Chinese supply chain, the conditions are right for anxiety about that possibility to impact U.S. trade with China in the high-tech industry. The truth of Bloomberg Businessweek’s investigation might matter less than the concerns it opens, or the open worries it further irritates—at the White House, at U.S. regulating bodies, and among the general public.

The international-trade scholars Henry Farrell and Abraham Newman speculate that those repercussions might weaponize U.S. dependence on China. If Chinese manufacturers offer the best or cheapest option for components needed for domestic manufacture, then it might become beneficial for China to take advantage of that need in order to conduct corporate or governmental espionage. The risks would be enormous, of course—the ZTE ban likely would have bankrupted the company had it not paid the hefty fine to lift it. But over time, if China’s investments in local sources for parts pan out, then China might not rely on imports from the United States and Europe as much as those regions do on China.

Up until now, cost has driven much of the U.S. reliance on Chinese manufacturing: In many cases, it’s the best way to get lots of parts produced fast and cheap. But there are downsides, too, like the lack of redundancy and weakened negotiating position that come from over reliance on one supplier, or on a cartel of regional ones. Labor, environmental, and political concerns are also mounting, hacked motherboards being just the most recent example. And besides all that, Chinese manufacturing has been getting more expensive anyway.

But unlike China, the United States isn’t prepared to rebuild its semiconductor and motherboard-manufacturing industries. Some of that effort still takes place domestically. Intel still makes some of its microprocessors domestically, at plants in Arizona, New Mexico, and Oregon. Texas Instruments manufactures integrated circuits in the Dallas metro area. Micron, which makes flash memory for use in solid-state drives, has fabrication facilities in Utah and Virginia. Patriot Memory makes USB flash drives in Fremont, California. But all these and other semiconductor companies also maintain fabrication facilities in Taiwan, Dalian, and elsewhere in East Asia.

Other, more prominent efforts to return product manufacturing stateside amount to strategies for publicity as much as supply-chain logistics. Tim Cook has boasted that Apple manufactures its high-end desktop, the Mac Pro, in a factory near Austin, Texas. But that doesn’t quite mean “Made in the USA”; the computers are assembled in Texas—from parts sourced globally, including from China. It’s also arguably Apple’s least important product line, and the U.S. manufacturer reportedly slowed production.

Even if the cost savings from offshoring manufacturing have dropped in recent years, American workers might not want those jobs as much anymore, even if some of them also find the Trump administration’s political crusade for such jobs appealing. But the alternative—building robots and artificial intelligence to do the work—only alienates blue-collar and middle-class workers even more. That means that automation might catch on faster in China, while the West wrestles with its social and political implications.

If China begins to believe that its local manufacturing capabilities will outstrip its reliance on U.S. design, parts, and materials, then the risk associated with hardware-level attacks will lower considerably, while providing substantial benefit in the form of industrial or state espionage. Soon enough, as people start tearing down the Super Micro motherboards at the heart of the scandal, the world will learn whether the hack is a real crisis or a false alarm. But in some ways, it is a real crisis no matter the outcome.