Intel Corporation (NASDAQ:INTC) announced recently that it had issued a warning to several customers, including the Chinese technology firms about the possible security flaws within its processor chips, but did not inform the US government.
The Wall Street Journal reported recently. The news about the chip flaws was unleashed on January 3, the time Intel was preparing to announce to the public about the chip flaw discovery. The date for announcement came after an undisclosed member of Google’s Project Zero security team had detected the flaws in June 2017. The delay should have allowed the companies to detect and fix the flaws.
The security experts informed the newspaper that the decision could have enabled the Chinese tech companies to flag the flawed chip to the Beijing, China, thus allowing the Chinese government opportunity to develop them.
According to Jake Williams, head of security at Rendition Infosec, it’s likely that the Chinese government had the information about the flaws from the Intel since most Chinese companies keep abreast with the trends in the communications. The journal stated that the Alibaba Group was among the first firms to be notified about the flaws. However, Alibaba’s cloud unit declined to comment on the matter.
China foreign ministry stated that it’s resolutely opposed to any type of cyber-hacking. Lenovo Group was also reportedly notified earlier. But the Lenovo spokeswoman informed the newspaper that they have a nondisclosure agreement that inhibits them to share crucial information with the public. The experts that talked to the Journal, however, noted that there was no evidence suggesting that the information given to the firms in question was mishandled.
China’s ministry in charge of information technology declined to respond to the journalist’s requests about the matter. Cyber-hackers linked to the Chinese government are generally known to create software vulnerabilities for surveillance.
Intel spokesperson stated Google Project Zero team and other tech vendors such as Intel usually follow the best practices in the industry of responsible and coordinated disclosure.