“Today we are going to more thoroughly address the Bloomberg Businessweek article alleging that China targeted 30 companies by inserting chips in the manufacturing process of Supermicro servers,” Patrick Kennedy writes for STH. “Despite denials from named companies and the technology press casting some reasonable doubt on the story, Bloomberg doubled down and posted a follow-up article claiming a different hack took place.”

“In the first section, we are going to discuss why there are some fairly astounding plausibility and feasibility gaps in Bloomberg’s description of how the hack worked. The weakness in this section of the Bloomberg article makes it extremely difficult to navigate and it is light on details,” Kennedy writes. “Bloomberg’s report describes an attack that is not possible at the companies listed in the article.”

“Bloomberg needs to either present credible and verifiable information to prove this story is true. The hack they presented does not work against the intended targets as we have shown here. There is now enough evidence pointing to systematic discrepancies that the stories cannot stand,” Kennedy writes. “If Bloomberg cannot present credible information to show how the hack presented is possible, plausible, and did happen, Bloomberg needs to retract the story and investigate how this passed editorial muster and was published.”

Much more in the full article here.