Chinese Hackers Aim To Plunder Taiwan's Semiconductor Industry

Uploaded on 2020-08-18 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-China, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Controlling advanced chip manufacturing in the 21st century may well prove to be like controlling the oil supply in the 20th. The country that controls this manufacturing can throttle the military and economic power of others.

Right now, Taiwan finds itself in an existential conflict with China and has been targeted by China's state-sponsored hackers for years. An investigation by leading Taiwanese security firm CyCraft has revealed just how deeply a single group of Chinese hackers was able to penetrate an industry at the core of the Taiwanese economy, pillaging practically its entire semiconductor industry.

The hackers have compromised at least seven Taiwanese chip firms over the past two years. The hackers went after these seven vendors in the semi-conductor industry in 2018 and 2019, quietly scouring networks for source code and chip-related software. CyCraft analysts say the campaign, which reportedly hit a sprawling campus of computing firms in northwest Taiwan, shows how the tech sector’s most prized data is sought out by well-resourced hacking groups. “They’re choosing the victims very precisely,...They attack the top vendor in a market segment, and then attack their subsidiaries, their competitors, their partners and their supply chain vendors.” say CyCraft.

It was unclear which companies were targeted and CyCraft has declined to name them. It is unclear who was responsible for the hacking. CyCraft said there were signs the group of attackers was based in China, including their familiarity with simplified Chinese characters and the breaks they took during Chinese national holidays. 

The hackers broke into some of the corporate networks by exploiting virtual private networking software, CyCraft said. The attackers then altered a software authentication program and planted malicious code that allowed them to access other machines on the network. “Based on the stolen data, we infer that the actor’s goal was to harvest company trade secrets,” CyCraft wrote in a report. Independent analysts who track China-related hacking activity said they had not observed and verified the particular attacks described by CyCraft. 

The Taiwanese firm said it had conducted incident response on site, and that it plans to release more technical data. But the hacking would not be the first time that the semiconductor industry has been targeted.

The hackers also appeared to operate largely within Beijing's time zone, to follow a "996" work schedule, the 9am to 9pm, six-days-a-week regimen common in the Chinese tech industry, and to take off Mainland Chinese holidays. CyCraft says they've learned from their cooperation with Taiwanese and foreign intelligence agencies that a hacker group using similar techniques also targeted Taiwanese government agencies.

CyCraft said it was unable to tell what the group was doing with all the technological information it had stolen from Taiwan, though its aim could just be to pass on the data to Chinese competitors. 

One of their intentions could be to seek vulnerabilities in new products, making them compromised even before they are made available to the public, researchers said. The more likely motivation of the hacking campaign is simply to give China's own semiconductor makers a leg up over their rivals. 

China has strongly denied accusations of engaging in cyber warfare or hacking, and has said it is itself one of the world’s biggest victims of such incidents.

CyCraft:      Taiwan News:       CyberScoop:       Wired:        Reuters:         News360:

You Might Also Read: 

China's Surveillance State Extends Beyond Its Borders:

 

« Teacher Estimates Replace Algorithm That Reduced Exam Grades
Seven Cyber Security Questions Businesses Need To Ask Themselves »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NCX Group

NCX Group

NCX Group is committed to helping customers identify and mitigate the risks inherent in today’s interconnected environments and business processes.

44CON

44CON

44CON is an Information Security Conference & Training event taking place in London. Designed to provide something for the business and technical Information Security professional.

Direct Recruiters Inc

Direct Recruiters Inc

Direct Recruiters is a relationship-focused search firm that assists IT Security and Cybersecurity companies with recruiting high-impact talent.

Cast Software

Cast Software

CAST is a pioneer in Software Analysis and Measurement (SAM) to capture and quantify the reliability and security of business applications.

Lynx Software Technologies

Lynx Software Technologies

Lynx provide secure software and operating systems for use in mission critical applications such as aerospace, medical, transportation and IoT.

Genua

Genua

Genua is a specialist in IT security services and solutions ranging from network and infrastructure security to encrypted comms and industrial automation.

Global Cyber Alliance (GCA)

Global Cyber Alliance (GCA)

Global Cyber Alliance is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world.

Edvance

Edvance

Edvance operates a range of cybersecurity businesses including value added cybersecurity solutions distribution, security technology innovation and development, and SaS solution offerings.

Irish National Accreditation Board (INAB)

Irish National Accreditation Board (INAB)

INAB is the national accreditation body for Ireland. The directory of members provides details of organisations offering certification services for ISO 27001.

Delfigo Security

Delfigo Security

Delfigo Security, a pioneer in intelligent authentication, provides a strong, multi-factor authentication solution to prevent identity theft and reduce fraud.

Axur

Axur

Discover and eliminate digital fraud and risks on the web. Utilize Axur’s entire AI potential, along with thousands of bots dispersed throughout the surface web as well as the deep and dark web.

Avint

Avint

Avint delivers transformational cybersecurity solutions that help both commercial and government entities achieve mission success.

Arista Middle East

Arista Middle East

Arista Middle East is part of Global Arista Technologies specializing in OT Cybersecurity.

Hexagon

Hexagon

Hexagon is a global leader in digital reality solutions. We are putting data to work to boost efficiency, productivity, quality and safety.

Acumenis

Acumenis

At Acumenis, we help organisations of all sizes to manage information security effectively. Our key services are penetration testing, ISO 27001 implementations, and security

DataProof Communications

DataProof Communications

DataProof Communications is Cybersecurity Company specialising in cybersecurity operations, incident management and response best practices and technologies.