A lot of people are missing some of the crucial details in the Bloomberg story, so I thought I’d try to clarify some of the technical aspects which might not come out in the high-level report.
The chip was “encrypted on the motherboard”. This is a highly technical way of saying that it was hidden inside another chip, having been reduced to a pure cyberchip — “vaporware”, in hacker parlance, or an “implant” in espionage speak.
This vaporware implant was encrypted within the lowest-level UEFI BIOS firmware using military grade encryption, undetectable to even sophisticated security analysts, quietly sending critical intelligence and business secrets back to Chinese intelligence assets.
These spies both had the ability to monitor everything the device was doing and trigger a sort of Super Saiyan mode of the encrypted chip, activating a so-called “vaprowave” which would replicate the embedded implant and cause it to spread to other devices.
The exact details of this spread are unconfirmed, but it's presumed to be able to spread via network or USB cables, a so-called “viral worm” attack which hasn’t been seen on US cybersoil or connected networked systems since the Morris Worm Wargames of the late 1980s.
Of course, a lot has changed since the 1980s — many more pieces of critical infrastructure are accessible over the public internet — rather than simply over the military and academic ARPANET as was previously the case.
This increasingly public and distributed nature means that we can no longer rely on systems like the Master Control Program to limit access to critical sectors, like the Gibson network or the WOPR.
Originally tweeted by Tom Lowenthal (@flamsmark) on 2021/02/12.