Who owns that news company?
In this age, when our mainstream news media is now polluted more than ever with misinformation, disinformation and outright lies, maybe you’re wondering who is behind these various media and news companies? You might be surprised to find that it isn’t exactly who you might expect. You might also be surprised to find these owners’ political affiliations. Let’s explore.
Preface
It is important to understand that news media corporations are never-ending targets of acquisition by the wealthy billionaires of the world. What that ultimately means for this article is that because conglomerate ownership is liquid and constantly in a state of flux, it falls upon you, the reader, to verify that what is presented here in this article is still accurate at the time you are reading it. Inevitably, one or more will have been sold… again.
What this also states is that Randocity is a Blog publisher and not a Wiki. Randocity does not revisit and/or significantly modify or alter content of articles once written and published (other than for corrections, grammar and mechanics). These articles remain a point-in-time snapshot of how these companies existed at the time of publication. This information is important and relevant for readers at the time in and around when it was written and published. However, this information may become old and outdated years after publication. Again, it falls to you, the reader, to validate that what is stated here, which was accurate at the time of publication, is still accurate at the date you read this article.
On a separate but related note, it is presently unknown why these maniacal billionaires are willing to so completely trash and destroy the reputations of their own investments in these very newspapers, websites and TV stations. It is these very businesses that have spent decades building trust and ethical journalistic reputations, all gone in the blink of an eye because of single crazed billionaire. Now, back to our regularly scheduled program.
Which mainstream media outlets presently exist?
There are a wide array and types of mainstream media outlets including cable, broadcast TV and print publications. This article will provide a large number of these mainstream media outlets, but there are well more that exist, particularly those that also exist outside of the United States. This article will focus on various mainstream news media in the United States and that primarily intend to deliver news to American audiences.
| Media Name | Type | Description | Owned By | Main Investors |
|---|---|---|---|---|
| Associated Press (AP) | News Agency | News Reporting Cooperative | Nonprofit | Members contribute reporting and articles to AP for distribution |
| Reuters | News Agency | News Reporting | Thomson Reuters Corporation (Canadian) <= The Woodbridge Company | The Thomson Family (Canadian) |
| CNN | Cable | News and Opinion | WB Discovery | John C. Malone (Republican) – 10% owner |
| Fox News Network | Cable | N & O | News Corp <= Rupert Murdoch, Lachlan Murdoch | Murdoch Family (Hard Right Republicans) – 40% voting stake, 14% ownership |
| MS Now (formerly MSNBC) | Cable | N & O | Versant Media | Brian L. Roberts (Center leaning, but likely more R than D) |
| CBS News | Broadcast | N & O | Paramount Skydance | David Ellison [son of Larry Ellison] (Republican) |
| ABC News | Broadcast | N & O | Disney | Vanguard Group (see below) |
| NBC News | Broadcast | N & O | NBC Universal, Comcast | Brian L. Roberts (Center leaning, but likely more R than D) |
| Spectrum News | Cable | News | Charter => Liberty Media | Institutional investors (see below) John C. Malone (Republican) – Liberty Media – 10% Stake |
| NewsNation | Cable | N & O | Nexstar Media Group | Perry A. Sook (Republican) – 33% owner |
| New York Times | N & O | New York Times Company | A.G. Sulzberger, Ochs-Sulzberger family (Democrat leaning) Dual Class Share Structure (see below) | |
| New York Post | N & O | News Corp | Lachlan Murdoch — 33% voting power (Hard Right Republican) | |
| Washington Post | N & O | Nash Holdings, LLC (Private) | Jeff Bezos presumably 100% ownership Nash Holdings (Hard Right Republican) | |
| San Francisco Chronicle | N & O | Hearst Communications | Hearst Family (Republican) | |
| L.A. Times | N & O | Nant Capital, LLC (Private) | Patrick Soon-Shiong (Republican leaning) | |
| USA Today | N & O | USA Today Co, Inc (formerly Gannet) | Institutional Investors (Vanguard, Blackrock, etc) | |
| Wall Street Journal | N & O, Investing | Dow Jones & Company <= News Corp | Rupert Murdoch (Hard Right Republican) | |
| Boston Globe | N & O | Boston Globe Media Partners, LLC | John W. Henry (Democrat) | |
| Chicago Tribune | N & O | Tribune Publishing <= Alden Global Capital | Randall D. Smith (Hard Right Republican), Heath Freeman (Undisclosed, possibly R) | |
| Newsday | N & O | Newsday Media | Patrick Dolan (Democrat leaning) | |
| Minnesota Star Tribune | N & O | Billionaire Glen Taylor | Glen Taylor (Republican) — former politician | |
| Time | Magazine | N & O | Time USA, LLC. | Marc Benioff (Hard Right Republican turned Independent) — 100% owner |
| Newsweek | Magazine | N & O | Owner / Management Owned | Dev Pragad and Johnathan Davis (each holding 50%) — Presumed Republicans |
| One America News Network (OAN) | Internet | N & O | Herring Networks | Robert Herring Sr. (Hard Right Republican) |
| Axios | Internet | N | Cox Enterprises | Cox family (Republicans) |
| Politico | Internet | N & O | Axel Springer SE (German) | Friede Springer & Mathias Döpfner — 95% of shares |
| Propublica | Internet | N & O | Nonprofit | Herbert and Marion Sandler (Democrat) |
| Apple News (aggregator) | App Based | N & O | Institutional Investors (Blackrock, Vanguard, etc) | Tim Cook (Republican) & Arthur Levinson (Democrat, but has contributed to Republicans) |
| Google News (aggregator) | Internet | N & O | Alphabet, Inc. | Larry Page (Left Leaning) and Sergey Brin (Left Leaning) — significant voting power with Class 3 shares |
| Yahoo News (aggregator) | Internet | N & O | Yahoo! Inc. <= Apollo Global Management (90%) and Verizon (10%). | Leon Black, Josh Harris, and Marc Rowan (Apollo) Institutional investors own Verizon. |
Legend
=> Should be read, left side company owns the right side company.
<= Should be read, right side company owns the left side company.
What does the Main Investors column predict?
The Main Investor column potentially predicts the bias of the publication or TV news production. When there are one or two main investors in any business, they tend to have extraordinary input in the functioning of the business at the micromanagement level. To keep these investors happy and on board, management often bends over to the whims of these investors.
What this ultimately means is that newspapers and media can be unduly influenced by such investors into writing articles with certain political slants that favor some political candidates over others and which do not allow the journalist to remain unbiased while reporting.
This micromanagement negatively influences both the trustworthiness level of the news reporting itself and of the political leaning of the news media outlet as a whole.
Additionally, investors who intentionally don’t disclose their political affiliations, either through donations or via disclosing party membership, tends to indicate that these investors are more likely to be reeds-in-the-wind. What a reed-in-the-wind means is that whichever political party is in power, these “reeds” will favor that party by blowing generally in that direction. The reason “reeds” tend to do this is because it allows them to always favor their business’s success by ceding to and feeding the party in power. While being a “reed” may seem like a good business strategy, it can easily backfire on any company when the political party in power is generally disliked by the majority of the populous.
Credibility Ratings and Bias
This next table a few paragraphs below encompasses the same media outlets listed above. The below list includes ratings and commentary of trustworthiness and bias level based on that outlet’s factual reporting versus misinformation, among other factors. This trustworthiness rating is an aggregation of the observable characteristics of various media’s publishing behaviors by Randocity, but it also factors in such ratings from sites like MediaFactsBias.com, OpenSecrets.com (showing political contributions by various owners, operators and investors of the site) and also factors in various other potential and future bias which may influence how a site’s editors operate their news products.
News outlets feature both reporting of actual and, hopefully, factual news information, but also feature opinion and speculative pieces designed to sway audiences to a particular point of view. These ratings encapsulate and aggregate both of the News and Opinion sections into one single rating of trustworthiness. Additionally, a separate news bias rating is also presented that describes how biased any news outlet is or may become in the future.
Recently, many news sites have begun mixing and conflating factual news reporting with opinion news pieces, often marrying the two together into one single segment for the sake of brevity at the cost of drastically increasing bias and simultaneously reducing trustworthiness.
Trustworthiness?
What exactly is trustworthiness for a news media outlet? Simply put, it is a media site’s ability to be believed. You read an article and you either believe what it says OR you do not, or you may land somewhere in between. In the early days of journalism, yellow journalism became important for one reason alone; it sold papers. However, yellow journalism is the practice of embellishing or even fabricating information in an attempt to make the news more sensational than it actually is. Yellow journalism is a stain on journalism and remains so to this day. Yellow journalism is considered unethical journalism. It tarnishes the reputation and trustworthiness of any newspaper, news outlet or any news organization that willfully employs such misinformation and disinformation tactics solely in an attempt at gain more readers, subscribers or followers.
If you’re into TikTok or YouTube shorts, you may recognize the equivalent as ragebait, clickbait and clout chasing.
Some newspapers gained such followings on the backs of yellow journalism papers, like the San Francisco Chronicle, owned by the Hearst Corporation. Other yellow journalism includes the grocery store tabloids like The Sun, The National Enquirer, The National Examiner, The Star and even to a certain degree, People and Us magazines. These tabloid papers, found near your local grocery checkout stand, are not included in these listings because they are not consider news organizations. These “magazines” (ahem) are essentially written almost entirely based on rumors, innuendo, including paparazzi photos of celebrities taking shopping trips along with other inane, but completely not newsworthy articles (if you can even call them articles). I liken these grocery tabloids to adult versions of comic books. When you read something in these tabloids, the trust level is so low as to be nonexistent. When you buy these tabloids, you should go into the purchase knowing that it’s essentially the same as reading a comic book.
Bias?
What exactly is bias? It’s when a writer or news host uses specific words or phrases to lead you into believing that something is true, when in fact, that information may either be only mostly true, mostly false, entirely false or entirely fabricated. In other words, a news host or news writer has a fiduciary and ethical journalistic responsibility to write and report on factual news only. However, because opinion pieces have become the norm on various news channels, opinion is always subject to bias, to the whims of the news host or news writers. Often these opinion shows tend to lead viewers towards liberal or conservative views based entirely on the host’s (and/or channel owner’s) political leanings.
Because many news stations and newspapers have begun serving up opinion as factual news, this leaves viewers and readers in a quandary. This means that what you’re now reading or watching is simply a news host’s opinion. An opinion is an opinion is an opinion! It doesn’t matter if it’s your best friend’s opinion or a random news anchor’s opinion, it doesn’t mean that information is in any way factual or accurate. Why would you want to trust an opinion coming from a random news journalist? You don’t know them personally. So, why trust them?
News stations have slowly begun dropping reporting of factual news in replacement for opinion shows. Some news stations have even begin mixing what appears to be factual news into opinion news segments. The host launches into their show discussing something that appears factual, but then dives into opinion segments. Often, only the most prominent news hosts get to air their opinions directly (Rachel Maddow, Lawrence O’Donnell, Hannity, etc).
Less prominent news hosts rely on talking-head (see talking-head section at the bottom) pundits to provide opinions; opinions and speculation wrapped in the guise of discussing factual news. The format is completely predictable. The news host asks a question of the “panel” and then allows one person on the panel to answer that question, often the news host sways the question in a specific direction using specific leading arguments. This question’s bias is intended to draw out that pundit’s opinion, even as stupid as that opinion may end up being. Sometimes the news host may allow several to answer the same question, but most often it’s limited to one specific pundit (often hoping to gain a specific point of view in the answer). Pundits almost never answer questions factually and simply draw on their own personal “experience” (or not) to offer their opinion and assessment of any specific situation.
You’ll also notice that news hosts never respond to the answers from the pundits. The host asks the question. The pundit answers. The host moves to a new question without even acknowledging that pundit’s answer. It’s fairly bizarre. Why ask a question if you’re not intending to respond to the answer either to agree or disagree?
News hosts also often ask questions involving speculation of what might happen in a month or two or even next year. No one possesses a crystal ball, not even the pundits! Any host that postulates such inane future looking questions should immediately be turned off as useless. Newspapers don’t have the luxury of pundits or of talking-head segments, but those single opinion writers may offer up information that’s just as inane. In fact, often these talking-head segments may use those very same print newspaper pundits by inviting them onto TV news segments. Do with this information what you will.
News sites that are moving towards a mostly opinion news format are considered far less trustworthy than news sites still featuring mainly factual news reporting when combined with limiting or eliminating their opinion shows. The more opinion shows on the air OR the more opinion pieces in print, the less amount of publishing that can be done on factual news. Newspapers might argue this aspect, but there are a limited number of people contributing to a newspaper. Those people can contribute factual news articles or they can contribute opinion pieces. Attempting to do both may not be feasible in the allotted time before the next daily paper is printed. In a 24 hour TV news format, those 24 hours have to be filled with something.
The bottom line is that bias is always derived from opinions. When news is reported accurately and timely, it tells of whatever happened exactly as it happened. When opinion gets involved, it is designed by its very nature to distort facts, some more than others. Opinion intentionally ignores some facts, disguises some facts and twists some facts into a pretzel. This is the exact opposite of factual reporting, with that exact opposite being bias.
Ratings Systems Used
There are two ratings systems involved and presented just below. Trustworthiness ratings are on a 1 to 10 scale with 1 being least trustworthy and 10 being most trustworthy. There is also a second rating system involving political and/or social engineering using an L to R bias for left or right leaning ideologies presented. The scale is from L10 to L1, C, R1 to R10, with L10 being maximum left leaning, L1 being one left of center, C being exactly center, R1 being one right of center and R10 being right most leaning. For visualization purposes, the bias chart appears as follows:
[L10 L9 L8 L7 L6 L5 L4 L3 L2 L1 C R1 R2 R3 R4 R5 R6 R7 R8 R9 R10]
Because this chart is too long to fit into the Bias cell below, the cells are filled solely with the letter+number.
Right vs Left Trustworthiness
While news media outlets can range from fully trustworthy to fully untrustworthy with any bias level, it is pretty much understood that the more right leaning a publication is, the less likely those writers are to consider facts when writing articles. The same may be somewhat true for hard left leaning outlets, but to a lesser degree and frequency.
It is unknown why hard right leaning outlets tend to be more delusional than less right leaning outlets or even hard left leaning outlets, but that’s not for this specific article to uncover. You, the reader, must simply must acknowledge that this phenomenon exists.
Bias Chart
Immediately below is the bias chart:
| Media Name | Trustworthiness | Bias | Comment |
|---|---|---|---|
| Associated Press | 6 | L1 | Trust is lowered because of its affiliate methodology, meaning badly penned articles can slip through its distribution network. |
| Reuters | 9 | C | Canadian owned company likely means least amount of bias over American politics. |
| CNN | 3 | R3 | Now more right leaning after purchase by Discovery with Right Winger John Malone as an investor. |
| Fox News Network | 1 | R10 | Disinformation Central |
| MSNow (formerly MSNBC) | 6 | L3.5 | After spinoff into MS Now, format changes are being slowly introduced. |
| CBS News | 2 | R5 | After CBS bought by right winger David Elison, the network is firmly right wing. |
| ABC News | 6.5 | R1 | News with a Disney bent. |
| NBC News | 5 | R1 | Probably one of the most centrist on this list. |
| Spectrum News | 8 | C | Sticks strictly to reporting, not opining. |
| NewsNation | 4 | R3 | Tries to be centered, but fails most of the time. Reporting is lackluster. |
| New York Times | 5 | R1 | |
| New York Post | 3 | R1 | |
| Washington Post | 1 | R8 | Owned by Right Winger Jeff Bezos. |
| San Francisco Chronicle | 3 | R3 | Began as yellow journalism, may still linger on this one. |
| L.A. Times | 3 | R3 | Owned by an alleged centrist, but is really more right wing than centrist. |
| USA Today | 4 | R2 | |
| Wall Street Journal | 1 | R9 | Owned by Hard Right Winger Rupert Murdoch. |
| Boston Globe | 6 | L1 | |
| Chicago Tribune | 6 | R1 | |
| Newsday | 6 | L3 | |
| Minnesota Star Tribune | 6 | L3 | |
| Time | 4 | R8 | Fairly hard right wing |
| Newsweek | 5 | R3 | More right wing than not. |
| OAN | 1 | R10 | Fox News lite |
| Axios | 5 | CR | Confused |
| Politico | 7 | L3 | |
| Propublica | 7 | L3 | Criticized by right-leaning media as too left-leaning. |
| Apple News | 5 | CR | Aggregator |
| Google News | 5 | CR | Aggregator |
| Yahoo News | 4 | L3 | Aggregator |
Far Right Leaning
Sites like Fox News, OAN, Breitbart and NewsMax are so far right leaning, this author has only included OAN and Fox News as two far right wing examples. There’s no reason to include any other far right media in this list above when Fox News and OAN can serve as both a poster-child and placeholder for all of them. When you see either here, you can simply substitute any of the other far right media using the same level of trust and the same level of bias as Fox News or OAN.
These far right leaning media aren’t in business to offer you accurate or factual information. They’re in business to gaslight you into believing lies, untruths and falsehoods. If you choose to read any of these far right newspapers, sites or watch their TV news programs, you must do so with your eyes open. Know that what they are peddling is almost assuredly inaccurate and often downright false. Believe the far right lies at your own peril.
AllSides Media Ratings
Another chart that is mostly correct, but doesn’t factor in additional elements is the below AllSides Media Bias Chart. For example, CNN is listed as left leaning, but CNN is more right leaning these days than appears in this chart. I wouldn’t put CNN in center. Based on this chart, CNN should be in the same column with Fox Business and Just News. In fact, Fox Business should move to the far right column. CBS news is now also miscategorized. CBS news has recently shifted from its former left leaning position to a right leaning position, again in the same column with the New York Post and Just News.
Axios is a conflicted site. It’s listed as left leaning by the below infographic, but its political news area regularly and specifically pulls Trump news front and center and seemingly tries to paint it in a positive light.
MSNow has been spun off recently and it is unclear exactly where on the bias spectrum they will land. At the moment, AllSides lists them as far left. While this left leaning aspect may be true of Rachel Maddow, Lawrence O’Donnell, Nicolle Wallace and Jen Psaki, the news programs aren’t nearly as far leaning. These above hosts mentioned are opinion hosts. While MSNow is left leaning, it isn’t an L10.
Disclosures involving certain information / investors listed above
Institutional investors are designed to allow many people to all hold investments in funds that that fund company manages. Since these institutional investments aren’t held by one or two individuals alone, these funds don’t seek to sway news media outlets into covering favored, biased or politically charged topics.
The Vanguard Group is an institutional fund. This is a fund (or set of funds) managed by Vanguard and opened up to investors who choose to invest in Vanguard’s funds either through Vanguard itself or through brokerage firms like Charles Schwab or through 401k investment vehicles. Blackrock is similar to Vanguard, but some brokerage firms may be blocking Blackrock orders.
Leon Black (Apollo) is in midst of a securities fraud lawsuit alleging that Black (as an executive of Apollo Global Management, Inc.) may have been involved in concealing payments to Jeffery Epstein, which also implies that Leon Black had business ties to Epstein. This lawsuit seeks remedies for those investors in Apollo who may have suffered losses as a result.
The AP and Reuters both serve as news agencies that perform similar functions, but do it in somewhat different ways. The AP works as a conglomerate news organization, aggregating and publishing articles written by its news station members and affiliates. The AP employs many staff and journalists for the company to function. Reuters directly employs many journalists who seek out and write articles on a wide array of news topics, but Reuters does not offer an affiliate system like the AP. Both of these news agencies seek to write factual news based reporting, but not opinion pieces.
Unbiased Reporting
Are there any sites that presently offer unbiased reporting? There are a few that come close. These news outlets include Spectrum News, Local TV news stations, Reuters and any other news sites that focus strictly on reporting breaking news without including any rhetoric or opinion pieces. Sites that intentionally stay far away from opinion reporting are the closest you will find in unbiased news reporting.
Even though a site may offer unbiased reporting, their factual aspect of reporting may still suffer. Reducing or eliminating opinion and op-ed pieces from a news outlet is the first step towards eliminating unnecessary bias. However, the producers and editors must still shore up fact-checking to ensure that all news pieces have been properly fact-checked and are fully free of unnecessary opinions.
Are news aggregators like Google News and Apple News unbiased? No.
The sheer act of aggregating and curating news articles can introduce and produce bias strictly based on the types and amounts of curated articles included. For example, site curators may choose to include incredibly poorly written, highly biased opinion pieces over properly fact-checked well-written articles that are free from opinion. By a curator intentionally choosing poorly researched and badly written articles over much better written content, that biases these news aggregator sites and reduces the content trust levels. Curators must prioritize curating the best written, most trusted articles over poorly researched and badly written articles. And no, poorly written articles have no place in Journalism or as breaking news at all.
Talking-Heads: Do they help or hurt news segments?
The results are mostly negative on the use of talking-head analyst-pundit-guest segments. The vast majority of the time, these talking-head segments are a severe and worthless waste of time. The analyst-pundits offer less than worthless feedback, throw out useless drivel, regurgitate the news information multiple times over, potentially suggest useless advice and occasionally offer up outright disinformation. Ultimately, these pundit talking-head segments tend to be huge time wasters and a burden for TV news reporting segments. These segments are now essentially being used as time fillers, solely to lead into commercials. As time fillers, I supposed they work for that purpose. As for offering up relevant, useful information (the reason why they should exist), that happens maybe 10% of the time, perhaps less depending on who has been invited.
More than this, some hosts simply don’t know how to frame proper questions, often uttering incredibly pointless, insipid or stupid questions. Questions that often even a teenager could answer. The news host might as well be asking the guests the time of day or what day it is. Often, too many news hosts drone on and on, dragging out their lengthy and wordy question so long that it leaves the pundit less than a few seconds to actually answer the question. That assumes the pundit can even follow that long chaotic train of thought. If your question is required to be so wordy, then move on and ask another. Questions need to be concise and quick. Let the pundit spend the majority of the time answering. Why even invite guests on if the questions fill the majority of the time?
I do understand why pundit segments are used. It allows a news network to platform and voice what might be otherwise considered unpopular points of view and opinions. By having a guest spew this information, it takes the legal burden (or at least this is the hope) off of the network when or if disinformation is spread, misinformation is shared or defamation is traversed. Because this person is an “invited guest”, the theory is the legal responsibility falls onto the guest and off of the network. The jury is still out on this aspect. After all, the guest wouldn’t have been on the news segment speaking without that network invitation.
More than this, these news segments use the host to ask incredibly leading questions. Questions that hope to take the pundit-guest-analyst into territory that might be controversial. Often, guests refuse to bite. Instead, the answer tends to go in a completely different direction, often answering something that wasn’t even asked.
When there is a panel of 3 different talking heads together, things tend to get especially dicey, particularly when the guests are allowed to interact with one another. Being effectively a Zoom call among 4 people who don’t know one another, it can easily turn into a talking-over-one-another or even a one-guest-fighting-with-another problem. This author has seen this outcome all too often. This may be why news sites are now limiting talking heads to one at a time. This guest limiting means producers have determined that these talking-head segments are more of a burden than a help.
Still, the fundamental problem remains. How useful are these talking-head segments to imparting quality news? The short answer is, these segments absolutely are not necessary! News can be imparted without the need for these pointless superfluous pundit segments. The time is now to rethink the use of these segments and finally get rid of them. Let the news speak for itself. We don’t need pundits regurgitating the exact news we’ve already heard several times over.
Closing Statement
If you have questions about a specific media company not included, please leave a comment below. This author is willing to update this article for a limited time to add new companies that may be of interest to readers. A comment will be added when update submissions are closed. Until then, requests for updates remain open.
Media bias exists in just about every news network out there. Every journalist employed holds an opinion. It can be near impossible to extract all of that opinion from the written word. Only with careful editing and consideration of the written and spoken word can bias be removed from news reporting. The first step is to remove the useless opinion pieces from newspapers and television news programs. The second step is to accurately require fact checking and verification of sources. Only by reintroducing both steps back into news reporting can media outlets get back to reporting news accurately.
The third and final step is to reintroduce separate political segments or pages. These clearly labeled “Politics” segments or printed areas specifically confine politics to a single TV program and/or a single printed area of a newspaper. There is no need for news programs and newspapers to continuously and constantly report on politics as front page news every single waking moment. It’s time to put politics back into its own designated corner, leaving headline and front page news to news other than politics.
Linkification of Sites
This article has intentionally refrained from linking to any of the above named media sites. If you wish to visit any of them, it is on you to head to a search engine like Google or DuckDuckGo to find and visit them yourself. This article is here to provide who owns what site and to disclose their trustworthiness and bias levels. It falls on you to decide if, based on these ratings, you wish to find out more about any specific site.
If you enjoy reading Randocity articles, please like, follow, comment and subscribe by email so you never miss an article.
↩︎
Fediverse Reactions
Randocity offers up various articles on various topics including tech, recipes, commentary and more.
Rant Time: Bloomberg and Hacked Servers
Bloomberg has just released a story claiming SuperMicro motherboards destined for large corporations may have been hacked with a tiny “spy” chip. Let’s explore.
Bloomberg’s Claims
Supposedly the reporters for Bloomberg have been working on this story for months. Here’s a situation where Bloomberg’s reporters have just enough information in hand to be dangerous. Let’s understand how this tiny chip might or might not be able to do what Bloomberg’s alarmist view claims. Thanks Bloomberg for killing the stock market today with your alarmist reporting.
Data Compromise
If all of these alleged servers have been compromised by a Chinese hardware hack, someone would have noticed data streaming out of their server to Chinese IP addresses, or at least some consistent address. Security scans of network equipment require looking through inbound and outbound data logs for data patterns. If these motherboards had been compromised, the only way for the Chinese to have gotten that data back is through the network. This means data passing through network cards, switches and routers before ever hitting the Internet.
Even if such a tiny chip were embedded in the system, many internal only servers have no direct Internet access. This means that if these servers are used solely for internal purposes, they couldn’t have transmitted their data back to China. The firewalls would prevent that.
For servers that may have had direct access to the Internet, these servers could have sent payloads, but eventually these patterns would have been detected by systems administrators, network administrators and security administrators in performing standard security checks. It might take a while to find the hacks, but they would be found just strictly because of odd outbound data being sent to locations that don’t make sense.
Bloomberg’s Fantasy
While it is definitely not out of the realm of possibility that China could tamper with and deliver compromised PCB goods to the US, it’s doubtful that this took place in the numbers that Bloomberg has reported.
Worse, Bloomberg makes the claim that this so-called hacked hardware was earmarked for specific large companies. I don’t even see how that’s possible. How would a Chinese factory know the end destination of any specific SuperMicro motherboard? As far as I know, most cloud providers like AWS and Google buy fully assembled equipment, not loose motherboards. How could SuperMicro board builders possibly know it’s going to end up in a server at AWS or Google or Apple? If SuperMicro’s motherboard products have been hacked, they would be hacked randomly and everywhere, not just at AWS or Google or whatever fantasy Bloomberg dreams up.
The Dangers of Outsourcing
As China’s technical design skills grow, so will the plausibility of receiving hacked goods from that region. Everyone takes a risk ordering any electronics from China. China has no scruples about any other country than China. China protects China, but couldn’t give a crap about any other country outside of China. This is a dangerous situation for China. Building electronics for the world requires a level of trust that must exist or China won’t get the business.
Assuming this alleged “spy chip” is genuinely found on SuperMicro motherboards, then that throws a huge damper on buying motherboards and other PCBs made in China. China’s trust level is gone. If Chinese companies are truly willing to compromise equipment at that level, they’re willing to compromise any hardware built in China including cell phones, laptops and tablets.
This means that any company considering manufacturing their main logic boards in China might want to think twice. The consequences here are as serious as it can get for China. China has seen a huge resurgence of inbound money flow into China. If Bloomberg’s notion is true, this situation severely undermines China’s ability to continue at this prosperity level.
What this means ultimately is that these tiny chips could easily be attached to the main board of an iPhone or Android phone or any mobile device. These mobile devices can easily phone home with data from mobile devices. While the SuperMicro motherboard problem might or might not be real, adding such a circuit to a phone is much more undetectable and likely to provide a wealth more data than placing it onto servers behind corporate firewalls.
Rebuttal to Bloomberg
Statements like from this next reporter is why no one should take these media outlets seriously. Let’s listen. Bloomberg’s Jordan Robertson states, “Hardware hacking is the most effective type of hacking an organization can engineer… There are no security systems that can detect that kind of manipulation.” Wrong. There are several security systems that look for unusual data patterns including most intrusion detection systems. Let’s step back for a moment.
If the point in the hardware hacking is to corrupt data, then yes, it would be hard to detect that. You’d just assume the hardware is defective and replace it. However, if the point to the hardware hack is to phone data home, then that is easily detected via various security systems and is easily blocked by firewalls.
The assumption that Jordon is making is that we’re still in the 90s with minimal security. We are no longer in the 90s. Most large organizations today have very tight security around servers. Depending on the role of the server, it might or might not have direct trusted access to secured data. That server might have to ask an internal trusted server to get the data it needs.
For detection purposes, if the server is to be used as a web server, then the majority of the data should have a 1:1 relationship. Basically, one request inbound, some amount of data sent outbound from that request. Data originating from the server without an inbound request would be suspect and could be detected. For legitimate requests, you can see these 1:1 relationships in the logs and when watching the server traffic on a intrusion detection system. For one-sided transactions sending data outbound from the server, the IDS would easily see it and could block it. If you don’t think that most large organizations don’t have an IDS even simply in watch mode, you are mistaken.
If packets of data originate from the server without any prompting, that would eventually be noticed by a dedicated security team performing regular log monitoring and regular server security scans. The security team might not be able to pinpoint the reason (i.e. a hardware hack) for unprompted outbound data, but they will be able to see it.
I have no idea how smart such tiny chip could actually be. Such a tiny chip likely would not have enough memory to store any gathered payload data. Instead, it would have to store that payload either on the operating systems disks or in RAM. If the server was cut off from the Internet as most internal servers are, that disk or RAM would eventually fill its data stores up without transfer of that data to wherever it needed to go. Again, systems administrators would notice the spike in usage of /tmp or RAM due to the chip’s inability to send its payload.
If the hacking chip simply gives remote control access to the server without delivering data at all, then that would also be detected by an IDS system. Anyone attempting to access a port that is not open will be blocked. If the chip makes an outbound connection to a server in China and leaves it open would eventually be detected. Again, a dedicated security team would see the unusual data traffic from/to the server and investigate.
If the hacking chip wants to run code, it would need to compiled it first. That implies having a compiler in that tiny chip. Doubtful. If the system builder installs a compiler, the spy chip might be able to leverage it, assuming it has any level of knowledge about the current operating system installed. That means that chip would have to know about many different versions of Linux, BSD, MacOS X, Windows and so on, then have code ready to deploy for each of these systems. Unlikely.
Standards and Protocols
Bloomberg seems to think there’s some mystery box here that allows China to have access to these servers without bounds. The point to having multi-layer security is to prevent such access. Even if the motherboards were compromised, most of these servers would end up behind multiple firewalls in combination with continuous monitoring for security. Even more than this, many companies segregate servers by type. Servers performing services that need a high degree of security have very limited ability to do anything but their one task. Even getting into these servers can be challenge even for administrators.
For web servers in a DMZ which are open to the world, capturing data here might be easier. However, even if the hacker at SuperMicro did know which company placed an order for motherboards, they wouldn’t know how those servers would ultimately be deployed and used. This means that these chips could be placed into server roles behind enough security to render their ability to spy as worthless.
It’s clear, these reporters are journalists through and through. They really have no skill at being a systems administrator, network engineer or security administrator. Perhaps it’s now time to hire technical consultants at Bloomberg who can help you guide your articles when they involve technical matters? It’s clear, there was no guidance by any technical person who could steer Jordan away from some of the ludicrous statements he’s made.
Bloomberg, hire a technical consultant the next time you chase one of these “security” stories or give it up. At this point, I’m considering Bloomberg to be nothing more a troll looking for views.
If you enjoy reading Randocity, please like, subscribe and leave a comment below.
↩︎
Random Thoughts - Randocity! 
leave a comment