In the 2015 novel Ghost Fleet, the spark that starts World War III is not a nuclear bomb, but a supply chain hack . In the book—which is based on real-life technology, technical papers, and diplomatic meetings—national security and international relations expert Peter W Singer suggests that Chinese-made microchips embedded in our appliances, devices, satellites, fighter jets, war ships, and tanks could turn against us.

If Businessweek’s story checks out (Motherboard does not have independent reporting on the specifics of the allegations), it would be one of the most important and devastating security breaches in history, one that highlights a core weakness baked into American capitalism. It could have major ramifications not only in the security industry but in international relations. It’s worth noting that the companies involved have vehemently denied any knowledge of the attack, and both Apple and Amazon have flatly—and forcefully—denied that they have ever found any servers that have been attacked in the way described in the article.

Our fighter jets aren’t suddenly shutting off due to a secret Chinese killswitch, but the China-America supply chain has apparently been compromised and weaponized, according to a new blockbuster report by Bloomberg Businessweek . According to the report, a group within China’s People’s Liberation Army (PLA) has embedded a microchip into motherboards used by a company called Supermicro, which sells servers to many major American companies, including Apple and Amazon. According to the report, the microchip is capable of compromising the server, allowing China to spy on the internal networks of some of the world’s most powerful companies.

That was speculative fiction, but cybersecurity experts have warned for years that America’s overreliance on Chinese manufacturing is a major security vulnerability that could fundamentally shift the balance of world power if China were to compromise the integrity of the supply chain.

“There are two possible stories here,” Matthew Green, associate professor at Johns Hopkins University, tweeted about the attack. “One is that there was an attack. The other is that a large swath of the National Security establishment is promoting the idea that there was an attack. Pick your poison.”

Got a tip? You can contact Joseph Cox securely on Signal on +44 20 8133 5190, OTR chat on jfcox@jabber.ccc.de , or email joseph.cox@vice.com . You can contact Jason Koebler on Signal on +1 347 513 3688 or email jason.koebler@vice.com .

Regardless of whether or not the attack happened, it is now the cover story in one of the most important business publications in the world, and it brings to light an inherent tension in American-Chinese relations, and a global cybersecurity issue researchers have been warning us about for years.

"At no time, past or present, have we ever found any issues relating to modified hardware or malicious chips in SuperMicro motherboards in any [Amazon subsidiary] Elemental or Amazon systems," Amazon wrote in a blog post . "Nor have we engaged in an investigation with the government."

“Apple has never found malicious chips, ‘hardware manipulations’ or vulnerabilities purposely planted in any server,” Apple told Bloomberg. “We are deeply disappointed that in their dealings with us, Bloomberg’s reporters have not been open to the possibility that they or their sources might be wrong or misinformed.”

“It is an explosive story, incredibly significant for cybersecurity,” Singer, a strategist and senior fellow at the New America Foundation, told Motherboard. “But even it undersells the potential impact. The focus of concern now is using the hardware hack as a means to steal information. However, this type of operation (not exactly what they did here, but the type of attack overall) could be used to shut down the flow of information or change it.”

What Is a Supply Chain Attack?

Computers, mobile phones, and servers are made up of an almost unfathomably complex, interlocking set of components, chips, and boards. These could be sourced from all across the world, and developed by various companies, before coming together to form the final product. A supply chain attack is one that introduces new parts, or tampers with existing ones, somewhere in that process to give a hacker access. But the manufacturing process can be so hard to audit, that, depending on the step the hackers may target, they may get away with adding new malicious components to a computer or server.

“Hardware is a nightmare. We can barely validate software, and all our assumptions rely on the hardware working correctly. Pull away that assumption, it’s like removing the screws from a piece of IKEA furniture,” Green told Motherboard in an online chat.