| |||
| |||
I wanted to share some groundbreaking reporting we just published on Oligarch Watch, Popular Information's sister publication. |
Musk’s AI supercomputer, used by U.S. military, secretly relies on Chinese hardware
Records obtained by Oligarch Watch reveal that the facility relies on Chinese transformers, creating a major security vulnerability.
| |||||||||||||||
 |
Elon Musk’s artificial intelligence company, xAI, has built its sprawling data center using more than 2,000 metric tons of Chinese-made transformers, a security risk that could leave it vulnerable to espionage or sabotage.
xAI’s Colossus data facility, located in Tennessee and home to the largest AI supercomputer in the world, could be a valuable target for US adversaries due to the company’s work for the Pentagon. The Department of War awarded xAI a contract worth up to $200 million in July to “develop prototype frontier AI capabilities to address critical national security challenges… across warfighting and enterprise domains.”
A cybersecurity firm that consults for the US government has already raised concerns about hostile efforts to infiltrate superintelligence projects like Colossus, including through Chinese-manufactured components that can be “compromised for surveillance or sabotage.”
xAI’s facility in Tennessee has already been targeted by a “foreign national” with “Russian” ties, according to a new lawsuit obtained by Oligarch Watch.
The US government, meanwhile, has become increasingly reliant on xAI’s services. Along with its Pentagon contract, the General Services Administration granted federal agencies approval in September to purchase and use Grok, xAI’s chatbot. The Department of Homeland Security has also reportedly used customized versions of Grok since at least May. More recently, xAI has sought to hire several employees with top-secret security clearances, signaling plans to expand its government work.
xAI did not respond to a request for comment.
xAI’s Chinese transformers
Since October of last year, CTC Property LLC, the xAI affiliate that manages the company’s Tennessee data center, has imported at least eight shipments of transformers from China. Bills of lading identify the components as 2,218 metric tons of three-phase mineral-oil-filled transformers, according to US Customs data compiled by Datamyne, a platform that collects trade analytics. Spread over 1,069 packages, the transformers acquired by xAI include units with power-handling capacities exceeding 10,000 kilovolt-amps (kVA), as well as units with capacities ranging from 650 to 10,000 kVA.
xAI’s use of Chinese-made transformers has not been previously reported.
Transformers, which convert high-voltage electricity into a usable form for servers and other computing equipment, are critical for energy-intensive data centers. Their ubiquity in the AI infrastructure race has created significant shortages, prompting Musk to cite transformers as one of the top bottlenecks facing AI companies. As it raced to catch up with competitors OpenAI and Alphabet, xAI appears to have solved this issue by relying on components from China.
For years, US officials have warned about the risks of using Chinese-made transformers in the electrical grid. New research raises similar concerns about their use in AI data centers.
An April report published by Gladstone AI, a firm that performs AI security consultancy for the government, noted that “the overwhelming majority of transformer substations contain components that were made in China and can be used as back-doors for sabotage operations. Indeed back-door electronics are known to have been installed in Chinese-made transformers.”
The report, which was reportedly shared widely within the Trump administration, stated that projects like xAI’s Colossus are prime targets for such an attack: “If a superintelligence project were kick-started under nominal conditions, unsecured supply chains for AI hardware, as well as electrical and cooling infrastructure could embed physical CCP trojan horses deep into the data centers that house some of the most national security-critical technology America will ever build.”
The Department of Energy appears to have already examined Chinese-made transformers for backdoor access. In 2019, a Chinese transformer bound for a Colorado substation was seized by US authorities for reasons that remain classified, sparking fears that it contained hardware capable of disrupting the national grid. The Director of National Intelligence later published a 2021 report calling the use of Chinese transformers in the electrical grid “a cyber vulnerability risk.”
Other components with backdoor capabilities have been discovered in US energy infrastructure. Reuters reported in May that “rogue communication devices” such as cellular radios have been found in solar power inverters and batteries manufactured by Chinese companies.
Using mechanical components to target data centers has purportedly already occurred. The authors of the Gladstone report told Time in April that national security officials and datacenter operators had been informed of an AI datacenter that “was targeted in an attack against a specific unnamed component which, if it had been successful, would have knocked the entire facility offline for months.”
“Cybersecurity vulnerabilities” and “backdoors”
xAI has quietly acquired Chinese transformers even as it has publicized its purchase of other transformers from Hyosung Hico, a South Korean company that builds some of its components in the US.
Unlike its industry-leading rivals, Anthropic and OpenAI, xAI does not include any supply chain security protocols in its risk management framework. Anthropic has also publicly acknowledged the risks of using Chinese electronics in AI infrastructure, stating in a July report that “reliance on imported components subjects developers both to ‘sudden stop’ risks and to cybersecurity vulnerabilities, with ‘backdoors’ periodically identified in energy components produced in China.”
xAI’s less rigorous approach to procurement aligns with its broader safety practices, which some AI experts have described as inadequate. Criticisms have also been raised about xAI’s cybersecurity approach. In response to a December survey, xAI safety advisor Dan Hendrycks ignored questions about the company’s cybersecurity practices and would not say whether xAI holds regular exercises to test for infrastructure vulnerabilities. He also noted that xAI does not report adverse events, security breaches, or cybersecurity threat intelligence to relevant governments.
xAI data center breached by ‘foreign national,’ according to new lawsuit
xAI has already faced at least one physical security breach at its Colossus data center in Memphis, Tennessee. In a July lawsuit filed in a Texas district court, lawyers for the company accused Aleksandr Shulgin, a former xAI technician subcontractor, of violating a nondisclosure agreement by taking unauthorized photos of the data center’s interior and sharing them online. They also described Shulgin as a “foreign national” with a “Russian” online presence. “It appears these actions may be part of a larger nefarious plan,” wrote xAI’s attorneys.
“Upon information and belief, Shulgin has strong ties to foreign territories known for commercial, political, and other forms of interference,” the lawsuit continued. “This coupled with the taking of such a high volume of photos in just the first month of his employment suggests an improper motive and/or purpose the whole time and perhaps that Shulgin’s employment was not a legitimate attempt at work, but on information and belief, was to further another goal.”
In the filing, xAI requested a temporary restraining order against Shulgin and the seizure of his personal devices.
|