Tag Archives: apple supply chain

WikiLeaks Reveals CIA Interference in iPhone Supply Chain

WikiLeaks has released new information on CIA programs aimed at monitoring Apple device owners. Has the CIA redirected iPhone shipments to its own facilities to infect them with spyware?

President George W Bush visits CIA Headquarters, March 20, 2001.

For many readers of the latest data dump from the controversial website WikiLeaks, two surprising facts stood out:

  1. The CIA has been hacking iPhones, MacBooks and other Apple products for a decade.
  2. To install the malware, the CIA requires physical access to “factory fresh” machines. WikiLeaks suggests this is done by redirecting Apple’s supply chain through the agency’s own facilities.

What has the CIA been up to?

According to the documents, the CIA’s Embedded Development Branch (EDB) implants malware called NightSkies 1.2, a “beacon/loader/implant tool” that apparently allows the CIA to “gain persistence” on (spy on) the device. Notably, this program has been in use since 2008. WikiLeaks also describes a project called “Sonic Screwdriver”, which allows spies to remotely hack a Mac computer from a USB accessory plugged into the machine. The release also contains details of other malware products with striking names such as “DarkSeaSkies”, “DarkMatter”, “SeaPea”, “Triton”, “Dark Mallet” and “DerStarke”.

How is the malware installed?

According to the CIA documents, NightSkies 1.2 is physically installed by a CIA operative on “factory fresh iPhones”, or handsets that users haven’t yet interacted with.

The two key words here are “physically” and “factory fresh”. The malware cannot be installed remotely, which means the CIA agent needs to get their hands on their target’s phone to install the program. This brings to mind a Hollywood-style manoeuvre where the operative would somehow pickpocket the target, install the malware with a USB, and return it to the unsuspecting iPhone owner who will never realise they’re being tracked.

However, as the iPhone needs to be “factory fresh”, WikiLeaks believes it’s possible the CIA has redirected iPhone shipments to install the tool. The organisation wrote:

“While CIA assets are sometimes used to physically infect systems in the custody of a target, it is likely that many CIA physical access attacks have infected the targeted organization’s supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise”.

This raises two questions, neither of which is answered in the WikiLeaks documents:

  • Is the CIA infecting Apple products en masse, or is it only intercepting, infecting and re-sending specific phones that have been ordered via mail by persons of interest?
  • Does the CIA visit the factory floors of Apple’s suppliers to install the malware?

Has Apple responded?

Yes. Apple has released a statement pointing out that nearly 80 per cent of the vulnerabilities exploited by the CIA have already been fixed with security patches (years ago in some cases) and added that it “will continue work to rapidly address any identified vulnerabilities.”

In its statement, Apple did not directly condemn the CIA for interfering with its products, choosing instead to distance itself from WikiLeaks:

“We have not negotiated with WikiLeaks for any information. We have given them instructions to submit any information they wish through our normal process under our standard terms. Thus far, we have not received any information from them that isn’t in the public domain. We are tireless defenders of our users’ security and privacy, but we do not condone theft or coordinate with those that threaten to harm our users.”

In other procurement news this week…

London Mourns Victims of Westminster Attack 

  • Thousands of Londoners gathered in central London to honour the victims of Tuesday’s terrorist attack
  • On 22 March, Khalid Masood drove into pedestrians on Westminster Bridge before crashing his rented four-wheel drive into a fence outside parliament.
  • He attacked two police officers as he tried to enter the building, fatally stabbing Keith Palmer before he was shot. Five people, including the attacker, died, and at least 50 people have been injured.
  • On Thursday evening, a candlelit vigil was held in Trafalgar Square. In what was a moving tribute to those affected, the Mayor of London, Sadiq Khan, addressed the crowd to much applause and a minute of silence was observed.

Read more on BBC

Avian Influenza resurfaces in Asia

  • An outbreak of H7N9 avian flu that has been described as the worst in seven years is dramatically impacting the poultry industry across China, Japan and South Korea.
  • The outbreak has been linked to over 140 human deaths in China in January and February, along with enormous stock culls including 30 million chickens in South Korea alone.
  • Chinese poultry imports are expected to grow by 10%.

Read more on the Wall Street Journal.

Starbucks announces aggressive expansion plans

  • Starbucks will open 12,000 new cafes globally by 2021, including 3,00 new stores in the U.S.
  • The new stores will require a workforce of 240,000, with the company planning to hire 25,000 military veterans and military spouses.
  • Starbucks has also announced it would hire 10,000 refugees in response to Donald Trump’s executive order calling for an immigration ban.

Read more on MarketWatch.

Good News-Bad News Week for Global Tech Giants

The good news is that one of your favourite social networks is booming, the bad news is that one of your favourite tech companies is not.

Good News Bad News

It’s been something of a good news, bad news kind of week for a number of major global organisations. On one hand, alongside the success of the Big Ideas Summit 2016 (we couldn’t resist one last mention…), Facebook is bucking the trend for growth in 2016.

On the other hand, continuing (and very public) supply chain issues, as well as declining sales, put Apple firmly in the bad news column. And outside of the tech industry there was bad news in global manufacturing, as it became clear that lessons don’t appear to have been learned in Toyota’s supply chain following recent earthquakes in Japan.

Golden Quarter

At a time when other technology companies are beginning to feel the pinch, and slow growth is causing some real concerns, Facebook appears to be bucking the trend with its good news announcement on its first quarter growth.

Q1 of 2016 was the company’s strongest single quarter growth since 2014, with an overall revenue increase of 51.9 per cent. Combined with an increase in user activity (it’s estimated that two-thirds of Facebook users are on the site or app every day), it served to place Facebook far out in front of its competitors in both the social media, and tech, fields.

The revenue growth has been put down to a marked increase in the sales of mobile advertising on both its original platform, and on Instagram, which it purchased for over $1 billion in 2012.

What’s more, there is plenty of potential for more good news, as Facebook is yet to release advertising for its other two major platforms – its Messenger service and WhatsApp. There is also the release of Oculus Rift, the company’s virtual reality headset, to be taken into account, although this is unlikely to happen until next year.

‘The Fruit’ in Decline?

Facebook’s good news came as welcome relief for investors and markets, particularly as other first-quarter announcements from the large technology companies came in under expectations.

Twitter’s earnings fell short of Wall Street predictions, with $595 million, compared to an expectation of over $607 million. Bigger problems for Twitter were a less than expected growth in user numbers, hindering the platform’s ability to drive advertising revenues.

However, the biggest news (though some might say not as surprising) came with the quarterly announcements from Apple. For the first time in 13 years, Apple reported a fall in quarterly sales, of nearly 13 per cent, to $50.6 billion. The tech giant expects this trend to continue in Q2, with estimated sales falling to around $41 billion.

Apple were not alone in feeling the effects of the slowing Chinese economy, where its sales dropped by more than a quarter. However, there was some good news for Apple fans. CEO Tim Cook told analysts that, “The future of Apple is very bright”, with a 20 per cent growth in revenue from Apple Music and App Store areas of the business.

However, many analysts are concerned that, in a market saturated with smartphones, unless the iPhone 7 is a game changer, then this decline could continue. With an announcement, and launch, expected later this year, it seems we will just have to wait and see.

Vulnerable Supply Chains

Technology wasn’t the only bad news area this week either. Toyota have come under fire for not learning the lessons of Japanese earthquakes in 2011, with their supply chain again showing severe vulnerability following earthquakes in the country in recent weeks.

Following the events of 2011, Toyota set out to create an “earthquake-proof” supply chain, working with suppliers to create the RESCUE (REinforce Supply Chain Under Emergency) system, aimed at spreading the risk in the event of future natural disasters.

The new supply chain was put to the test in April, and despite early promise, it seems that the same vulnerabilities in the supply chain still exist. The manufacturer shut 26 of its 30 Japanese production facilities in the middle of April, only reopening 5 at the tail end of the month.

With both Honda and Nissan now operating at full capacity, with minimal shutdowns, it seems that Toyota has yet to learn its lesson.

Do you work in the technology industry? What do you make of the latest announcements from Facebook and Apple? We’d love to hear from you – you can get started in the comments section below.

As ever, we’ve been keeping an eye on all the major headlines just for you…

Congress Votes Yes on Russian Rocket Purchase

  • US Congress have voted to purchase $540 million worth of Russian rocket engines, despite a ban on trading
  • The intention of the 2014 procurement ban was to end US reliance on Russian-made RD-180 rocket engines
  • The US relies on these engines to launch national security satellites into orbit, as the US-built engines are still under development
  • Critics say the $540 million will be spent by Russia on modernising its military

Read more at Space Daily

Japan Fury at Australia-France Deal

  • Australia has awarded France the submarine ‘deal of the century’
  • The $AUS50bn submarine contract is the largest defence deal in Australian history, but the move has infuriated Japan.
  • Japan’s Mitsubishi Heavy Industries and Kawasaki Heavy Industries submarine had been seen as early favourites for the contract.
  • In an unusually blunt criticism, Japan’s defence minister Gen Nakatani described Australia’s decision as “deeply regrettable”.

Read more at The Telegraph

Slow Progress on US-EU TTIP

  • Progress is slow on negotiations for a comprehensive Trans-Atlantic Trade and Investment Partnership, or TTIP, between the EU and the USA
  • Negotiators said they would push for a comprehensive TTIP before US President Barack Obama leaves office in January.
  • Among the deepest divides are Europe’s food safety rules, which exclude American beef raised with hormones and genetically modified foods, and Europe’s many local food naming rules.
  • The deal excludes European demands for greater access to US federal, state and local government procurement, which often carries “buy American” or local content standards.

Read more at EurActiv

Gorman Failing Overseas Workers

  • Australian fashion brand Gorman has come under fire for not doing enough to protect overseas workers in its supply chain
  • The 2016 fashion report by Baptist World Aid Australia graded Gorman as an ‘F’ for policies on preventing exploitation of workers in overseas factories
  • Although the organisation has an ethical compliance statement on its website, fans and wearers of the brand have reacted angrily to the company’s alleged lack of action
  • The company’s founder, Lisa Gorman, has now stated that they will be publishing supply chain audit reports on its website in the coming months to help prove transparency

Read more at The Guardian

Supply chain risk drops to 18 month low

Enjoy this week’s news bulletin on your chemical-free Apple device, while enjoying a bowl of cornflakes, before washing it all down with some refreshing coconut water.

The rise and rise of coconut water

  • Once the drink of exotic holidays and childhood funfairs, coconut water is now the de rigueur beverage available in food emporia, bodegas and hotel minibars from New Delhi to New York. Indeed, in North America – the biggest global market for coconut water today – sales of the top three most popular brands went from almost zero in 2004 to nearly $400m by 2013.
  • Yet far from lifting coconut farmers out of poverty, we’re left in a situation whereby farmers receive about $0.12 – $0.25 per coconut and earn anything between $72 – $7,000 a year, according to Fair Trade USA. In contrast, the average serving of coconut water sells for $1.50 in the US, or £1.85 in a UK supermarket for a 330ml carton.

Apple bans hazardous chemicals from supply chain

  • Tech giant Apple has banned the use of two hazardous chemicals in its production line, after investors urged the firm to better protect the workers in its supply chain.
  • The firm announced in a statement this week that benzene and n-hexane would no longer be used in its production plants, though it insisted it had found no evidence that workers had been harmed.
  • In an open letter to Lisa Jackson, vice-president of environmental initiatives at Apple, investors, asset managers and businesses therefore demanded that Apple eliminate all dangerous chemicals from its supplier factories. The campaign group Green America also launched a consumer petition, urging Apple to better protect Chinese workers.

Read more at Blue & Green Tomorrow

Read the full feature on The Guardian’s Sustainable Business pages

Kenya eyes e-procurement system to curb corruption

  • In a move expected to curb corruption and improve transparency in Kenya’s public procurement, the Kenyan government has unveiled a landmark electronic procurement and payment system.
  • The system, e-procurement, was launched by President Uhuru Kenyatta with the promise of helping the Government eliminate middlemen and corruption in its much-tainted procurement process.
  • It is estimated that weaknesses in public procurement, including vulnerability to corruption, are a global problem with approximately KSh34.9 trillion reported as being lost to bribery and corruption in procurement globally.
  • Deputy President William Ruto said: “The system is significant as it will eliminate gatekeepers, middlemen and brokers who have made procurement a nightmare.”

Read more on East African Business Week

Kellogg’s says it’s crunch time for supply chain emissions

  • Cereals giant Kellogg’s has announced that it wants suppliers to disclose greenhouse gas emissions as part of an ambitious package of new environmental targets.
  • The manufacturer of brands such as Corn Flakes and Pringles unveiled its Sustainability Report featuring new goals for 2020 to expand the use of low carbon energy, reduce water use and eliminate waste, alongside a commitment towards more responsible sourcing of the company’s top 10 ingredients and materials.
  • A Climate Policy statement also outlines how Kellogg’s will for the first time set and disclose a greenhouse gas reduction target for its entire supply chain by the end of December 2015, using a science-based method consistent with the goal of keeping global temperature increases below 2 degrees Celsius.

Read more on BusinessGreen

Cases of ebola fever in Africa from 1979 to 2008.

Ebola outbreak and Ukrainian conflict have little effect on supply chains

  • Geopolitical and major disease risks have had less effect than widely believed on the world economy, with supply chains at their least risky levels for a year and a half.
  • According to the Chartered Institute of Purchasing and Supply (CIPS), supply chain risk dropped to an 18-month low in the second quarter of the year, having fallen for three quarters in a row.
  • The CIPS index attempts to take account of economic, social and political factors.
  • However, the group believes that there may be something of a downturn in the second half of the year, especially given the risk of an increasingly violent conflict in eastern Ukraine and frostier western relations with Russia.

Read more on City A.M.

Americans to manage MoD military procurement

  • Unions and industry insiders are up in arms because two US engineering companies have been asked to oversee the way in which the Ministry of Defence runs the £14bn arm that buys military kit.
  • The Independent can reveal that San Francisco-based Bechtel and Denver’s CH2M Hill have bagged the programme management contracts for the Bristol-based Defence Equipment and Support (DE&S). This agency buys and looks after everything from forklift trucks to Astute class submarines, but is being overhauled by the Government so as to get better value for the taxpayer.
  • Sources said around half of these experts will be flown in from the US. This would cost around £5m more than just using British staff, with the remuneration including food and accommodation expenses.

Read more on the Independent
