After witnessing attacks on its servers in the supply chain, Apple is beefing up its efforts to build its own Cloud infrastructure, say insiders. Find out all the details on Apple’s Project McQueen, here.
The FBI may be backing down in the Apple encryption fight, but Apple certainly isn’t. The company is forging ahead to find better ways to secure and protect customer privacy and data. This includes Apple’s latest plans to build its own cloud server infrastructure thereby warding off attacks made via the server supply chain.
According to a report by The Information, Apple is working on six internal projects including its own cloud servers, networking equipment and other systems that will eventually help developers power their apps.
The most significant project, codenamed Project McQueen, is Apple’s bid at building a completely self-sufficient data storage system. CRN reported earlier this month that Apple was moving some of its iCloud servers from Amazon and Microsoft to the Google Cloud Platform while it continues to work on its own Cloud infrastructure. The move was due to Apple’s dissatisfaction with photo and video load times on iOS and the escalating cost of Cloud services. According to the report, Microsoft’s Azure servers will soon be unable to handle Apple’s growing workloads and this means increased cost for Apple to help expand Azure’s data center infrastructure.
While Apple will have to shell out a pretty penny to build its own Cloud infrastructure, a source for Re/code claims that with the fees the company is paying Amazon and Microsoft, Apple could break even on building its own servers within three years.
Building its own cloud infrastructure will not only save Apple money in the long run,but will also allow the company to better secure its sensitive internal data as well as customer data and privacy.
The Information’s report claims attackers have attempted to backdoor Apple servers in the past by tampering with the supply chain.
“Apple has long suspected that servers it ordered from the traditional supply chain were intercepted during shipping, with additional chips and firmware added to them by unknown third parties in order to make them vulnerable to infiltration,” a source for The Information said. “At one point, Apple even assigned people to take photographs of motherboards and annotate the function of each chip, explaining why it was supposed to be there. Building its own servers with motherboards it designed would be the most surefire way for Apple to prevent unauthorized snooping via extra chips.”
If one of these compromised servers managed to make their way into Apple, it could mean grave consequences for Apple and its customers’ data, Andy Gill of Pentest Ltd told iDigitalTimes.
“If their [Apple] data center servers were compromised, an attacker could do several things, including gain access to trade secrets such as blueprints, plans and the like,” Gill said. Or if it was their activation servers an attacker could exfiltrate secret keys and sensitive customer data.”
In light of the battle between Apple and the FBI, it’s not farfetched to imagine government or other attackers trying to infiltrate Apple servers Zimperium security researcher, Nikias Bassen told iDigitalTimes.
“It wouldn't surprise me if foreign or U.S.agencies would try to backdoor their server hardware,” said Bassen.
For more details on Apple internal data storage projects, you can read the full report (behind a paywall) at The Information .