Researchers claim Chinese backdoors in US military chips

A Cambridge University research team has claimed proof that Chinese manufacturers put “backdoors” or unauthorised access mechanisms into electronic chips used by the US military.

Using "breakthrough silicon chip scanning technology", researcher Sergei Skorobogatov said his team had found a “previously unknown backdoor" inserted by the Chinese manufacturer of a chip used by the military.

The chip was encrypted and locked by a key that his team was able to extract, effectively allowing it to be reprogrammed at will or disabled.

Skorobogatov did not name the manufacturer but said the chip's use was prevalent in many systems used by the military, ranging from weapons, nuclear power plants to public transport. He said the backdoor could be turned into an advanced Stuxnet-type weapon that could attack millions of systems.

Fear of Chinese backdoors has led governments worldwide to ban or cautiously approach the country's manufacturers for mission-critical components and systems.

Most recently, the Australian Government banned China's largest networking vendor Huawei from directly supplying components to the National Broadband Network, based on advice tendered by ASIO and the Department of Defence.

Australian privacy advocates have claimed China has looked to place "intermediating devices" into components it manufactures as early as 2005.

But security consultancy Errata Security combatted Skorobogatov's claims, arguing the proclaimed backdoor was a known method for debugging the chip

Chief executive for the consultancy, Robert Graham, said the chip in question – a Microsemi-Actel ProASIC3 – is a field programmable gate array (FPGA) that can be reprogrammed easily and sits in smart devices that often run embedded Linux.

Graham said the chip was a commercial, off-the-shelf product known for being cheap, and was not confined to the military.

"While they did find a backdoor in a popular FPGA chip, there is no evidence the Chinese put it there, or even that it was intentionally malicious," Graham wrote.

Anyone with physical access to the part could potentially use the known backdoor to reprogram data on the chip, he said.

While the Chinese might subvert the chips to steal intellectual property on them, it is “fanciful” to suggest they went through all that to attack the US military, he concluded.

Additional reporting by James Hutchinson.