|
 |
I wanted to share some groundbreaking reporting we just published on Oligarch Watch, Popular Information’s sister publication.
If accountability journalism on the world’s wealthiest people piques your interest, I hope you will try a free subscription.
PROGRAMMING NOTE: Popular Information will not publish on Thursday, November 27. Happy Thanksgiving!
Musk’s AI supercomputer, used by U.S. military, secretly relies on Chinese hardware
Records obtained by Oligarch Watch reveal that the facility relies on Chinese transformers, creating a major security vulnerability.
| |||||||||||||||
 |
Editor’s note: This article was originally published on Oligarch Watch.
Elon Musk’s artificial intelligence company, xAI, has built its sprawling data center using more than 2,000 metric tons of Chinese-made transformers, a security risk that could leave it vulnerable to espionage or sabotage.
xAI’s Colossus data facility, located in Tennessee and home to the largest AI supercomputer in the world, could be a valuable target for US adversaries due to the company’s work for the Pentagon. The Department of War awarded xAI a contract worth up to $200 million in July to “develop prototype frontier AI capabilities to address critical national security challenges… across warfighting and enterprise domains.”
A cybersecurity firm that consults for the US government has already raised concerns about hostile efforts to infiltrate superintelligence projects like Colossus, including through Chinese-manufactured components that can be “compromised for surveillance or sabotage.”
xAI’s facility in Tennessee has already been targeted by a “foreign national” with “Russian” ties, according to a new lawsuit obtained by Oligarch Watch.
The US government, meanwhile, has become increasingly reliant on xAI’s services. Along with its Pentagon contract, the General Services Administration granted federal agencies approval in September to purchase and use Grok, xAI’s chatbot. The Department of Homeland Security has also reportedly used customized versions of Grok since at least May. More recently, xAI has sought to hire several employees with top-secret security clearances, signaling plans to expand its government work.
xAI did not respond to a request for comment.
xAI’s Chinese transformers
Since October of last year, CTC Property LLC, the xAI affiliate that manages the company’s Tennessee data center, has imported at least eight shipments of transformers from China. Bills of lading identify the components as 2,218 metric tons of three-phase mineral-oil-filled transformers, according to US Customs data compiled by Datamyne, a platform that collects trade analytics. Spread over 1,069 packages, the transformers acquired by xAI include units with power-handling capacities exceeding 10,000 kilovolt-amps (kVA), as well as units with capacities ranging from 650 to 10,000 kVA.
xAI’s use of Chinese-made transformers has not been previously reported.
Oligarch Watch publishes accountability journalism on the world’s wealthiest people. To receive reporting like this weekly, sign up for a free subscription.
Transformers, which convert high-voltage electricity into a usable form for servers and other computing equipment, are critical for energy-intensive data centers. Their ubiquity in the AI infrastructure race has created significant shortages, prompting Musk to cite transformers as one of the top bottlenecks facing AI companies. As it raced to catch up with competitors OpenAI and Alphabet, xAI appears to have solved this issue by relying on components from China.
For years, US officials have warned about the risks of using Chinese-made transformers in the electrical grid. New research raises similar concerns about their use in AI data centers.
An April report published by Gladstone AI, a firm that performs AI security consultancy for the government, noted that “the overwhelming majority of transformer substations contain components that were made in China and can be used as back-doors for sabotage operations. Indeed back-door electronics are known to have been installed in Chinese-made transformers.”
The report, which was reportedly shared widely within the Trump administration, stated that projects like xAI’s Colossus are prime targets for such an attack: “If a superintelligence project were kick-started under nominal conditions, unsecured supply chains for AI hardware, as well as electrical and cooling infrastructure could embed physical CCP trojan horses deep into the data centers that house some of the most national security-critical technology America will ever build.”
The Department of Energy appears to have already examined Chinese-made transformers for backdoor access. In 2019, a Chinese transformer bound for a Colorado substation was seized by US authorities for reasons that remain classified, sparking fears that it contained hardware capable of disrupting the national grid. The Director of National Intelligence later published a 2021 report calling the use of Chinese transformers in the electrical grid “a cyber vulnerability risk.”
Other components with backdoor capabilities have been discovered in US energy infrastructure. Reuters reported in May that “rogue communication devices” such as cellular radios have been found in solar power inverters and batteries manufactured by Chinese companies.
Using mechanical components to target data centers has purportedly already occurred. The authors of the Gladstone report told Time in April that national security officials and datacenter operators had been informed of an AI datacenter that “was targeted in an attack against a specific unnamed component which, if it had been successful, would have knocked the entire facility offline for months.”
“Cybersecurity vulnerabilities” and “backdoors”
xAI has quietly acquired Chinese transformers even as it has publicized its purchase of other transformers from Hyosung Hico, a South Korean company that builds some of its components in the US.
Unlike its industry-leading rivals, Anthropic and OpenAI, xAI does not include any supply chain security protocols in its risk management framework. Anthropic has also publicly acknowledged the risks of using Chinese electronics in AI infrastructure, stating in a July report that “reliance on imported components subjects developers both to ‘sudden stop’ risks and to cybersecurity vulnerabilities, with ‘backdoors’ periodically identified in energy components produced in China.”
xAI’s less rigorous approach to procurement aligns with its broader safety practices, which some AI experts have described as inadequate. Criticisms have also been raised about xAI’s cybersecurity approach. In response to a December survey, xAI safety advisor Dan Hendrycks