May 17, 2020

Cyber hackers targeting software supply chains, says report

hackers
Supply Chain
Supply Chain
Digitalisation
James Henderson
2 min
Cyber hackers targeting software supply chains, says report
Cyber hackers are "clearly targeting software supply chains" to achieve a range of potential effects to include cyber espionage, organisational disrupti...

Cyber hackers are "clearly targeting software supply chains" to achieve a range of potential effects to include cyber espionage, organisational disruption, or demonstrable financial impact.

That's the verdict of the 2018 Foreign Economic Espionage in Cyberspace report, which said last year represented a watershed in the reporting of software supply chain operations.

In 2017, seven significant events were reported in the public domain compared to only four between 2014 and 2016. As the number of events grows, so too are the potential impacts.

Large-scale events in 2017 included the following:

• Floxif infected 2.2 million worldwide CCleaner customers with a backdoor. The hackers specifically targeted 18 companies and infected 40 computers to conduct espionage to gain access to Samsung, Sony, Asus, Intel, VMWare, O2, Singtel, Gauselmann, Dyn, Chunghwa and Fujitsu.

• Hackers corrupted software distributed by the South Korea-based firm Netsarang, which sells enterprise and network management tools. The backdoor enabled downloading of further malware or theft of information from hundreds of companies in energy, financial services, manufacturing, pharmaceuticals, telecommunications, and transportation industries.

• A tweaked version of M.E. Doc was infected with a backdoor to permit the delivery of software from the Ukrainian accounting firm a destructive payload

disguised as ransomware. This attack, which was attributed to Russia, paralyzed networks worldwide, shutting down or affecting operations of banks, companies, transportation, and utilities. The cost of this attack to FedEx and Maersk was approximately $300 million each. 

• A malware operation dubbed Kingslayer, targeted system administrator accounts associated with U.S. firms to steal credentials in order to breach the system and replace the legitimate application and updates with a malware version containing an embedded backdoor. Although it is not known which and how many firms were ultimately infected, at least one U.S. defence contractor was targeted and compromised.

The report said foreign intelligence services from China, Russia and Iran are the leading sources of cyberthreats targeting economic espionage, and that emerging technologies such as artificial intelligence and the Internet of Things will introduce new attack threats for which U.S. networks are not prepared.

Share article

Jun 23, 2021

Japan Seeks to Revive Stalled Semiconductor Industry

TSMC
Taiwan
Japan
Semiconductor
Elise Leise
3 min
As international supply chains falter, the Japanese government intends to incentivise foreign chipmakers to build localised foundries

Post-pandemic, Japan has seen the consequences of relying solely on foreign imports for its semiconductors. Over 64.2% of its chips are usually imported from South Korea and Taiwan, leaving the country dependent on its neighbours. Industries from auto manufacturers to consumer electronics firms wait for chips, to no avail. But now, the Japanese government looks likely to put real funding behind its semiconductor industry, with top officials emphasising their support.

 

Domestic supply chains have never been more important. Rather than remain tied to international shipping routes during shortages and delays, governments are doing everything in their power to develop local lines of supply. But the question remains: can Japan pull it off? 

 

How Will Japan Pay For It? 

Herein lies our first issue. Japan’s debt has rapidly increased over the past few years, and the semiconductor industry will need roughly a trillion yen—US$9bn—in this fiscal year alone. This cost, however, pales in comparison to what Japan could lose if it fails to keep up with Europe and the US. Both nations have launched aggressive funding measures to revive their local semiconductor industries. And if Japan refuses to invest due to its debt, it could slow down progress in fields ranging from artificial intelligence to autonomous driving. 

 

According to Tetsuro Higashi, the former president of Tokyo Electron and Japan’s top government advisor in semiconductor strategy, ‘If we miss this opportunity now, there may not be another one’. Yet one advanced wafer fabrication factory can cost more than US$10bn, and any money poured into the industry will go fast. That’s why Japan, rather than invest trillions and trillions in failing domestic firms, is considering a second option. 

 

What Do They Plan To Do? 

Japan now intends to look abroad and convince overseas chip foundries to come to its shores. Its past failures mostly centred on trying to merge domestic firms that were already going through tough times. ‘This sort of made-in-Japan self-reliance approach hasn’t worked out well’, said Kazumi Nishikawa, a director at the Ministry of Economy, Trade, and Industry’s IT division. ‘This time the goal is to offer a strong incentive for an overseas logic foundry to come to Japan’. 

 

As follows, Japan will now reach out to industry partners and leaders in other countries, including the industry heavyweight Taiwan Semiconductor Manufacturing Co. (TSMC), to build Japanese bases. According to the South China Morning Post, the heart of Japan’s mission is a US$337.2mn research and development project in Tsukuba that will involve TSMC and more than 20 Japanese firms. ‘I think we need to cooperate with our overseas counterparts’, said Akira Amari, a senior member of the ruling Liberal Democratic Party. ‘[And] TSMC is the world’s top logic chipmaker’. 


Indeed, if that’s Japan’s strategy, the future looks bright. TSMC recently set up a venture near Tokyo to research energy-efficient 3D chips with several Japanese partners. And in the future, the multinational chipmaker may consider expanding its Japanese operations—that is, if government incentives pave the path forward.

Share article