The Semiconductor Shortage Is Causing Cyber Security Problems

Uploaded on 2021-07-26 in TECHNOLOGY--Resilience, TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

With only a few companies dominating global semiconductor manufacturing, a problem with any one can have significant repercussions and the semiconductor supply chain is already fragile from globally disrupted supply chains caused by Coronavirus. 

Increasingly, hardware can be the entry point for a cyber attack. Demand for consumer electronics, including laptops and video games consoles, soared as people moved to work from home and looked for new ways of entertainment. As the use of electronic devices grows, their components have become increasingly vulnerable to malicious tampering and counterfeiting in ways that could compromise the safety of cars, airplanes, electric grids and defense systems. 

Among them are semiconductor chips that make it possible for electronic devices to process, store and transmit data. To address this risk, several universities in the US have established a new research center focused on protecting the security of semiconductors. 

Led by the University of Cincinnati, the new Center for Hardware and Embedded Systems Security and Trust (CHEST), is a National Science Foundation Industry-University Cooperative Research Center that serves as a hub for industry-focused research and currently comprises 23 members across industry and governmental laboratories. The University of Texas leads the consortium’s research on the security and trust of wireless communication devices, threat detection and prevention, protection of intellectual property from unauthorized use, and provenance attestation, which involves a record that describes entities and processes involved in producing the devices.

Dr. Yiorgos Makris, professor of electrical and computer engineering in the Erik Jonsson School of Engineering and Computer Science, University of Texas said: “Suppose a bad actor replaces a chip during a service or upgrade, enabling capabilities that can cause the power distribution network to fail... Semiconductor tampering also has implications for consumer electronics, such as wireless communication devices, where private data may be leaked by untrusted chips, or the automotive industry, where safety may be compromised by counterfeit parts.” 

The global shortage of semiconductors increases the risk of the use of counterfeit parts, Makris said. Desperate suppliers or consumers turn to the gray market to find partsCompanies that design the chips potentially can lose control of what happens to their intellectual property during the manufacturing process.

While the US is a leader in semiconductor design, most of the manufacturing has shifted progressively out of the country over the past 30 years, leaving the US vulnerable to supply chain disruptions out of its control, according to an April 2021 study by the Semiconductor Industry Association. 

Verdict:        Talent 101:      CNBC:      Enterprise Times:        IHLS:     Image: Unsplash

You Might Also Read: 

Taiwan Company Guilty Of Semiconductor IP Theft:

 

« Military Intelligence: British Army Operation Using AI
Security Orchestration Can Help Business SOAR »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Decision Group

Decision Group

Decision Group are a Total Solution Supplier offering Network Forensics and Lawful Interception tools.

7 Elements

7 Elements

7 Elements is an independent IT security testing company providing expertise in technical information assurance through security testing, incident response and consultancy.

Idaho National Laboratory (INL)

Idaho National Laboratory (INL)

INL is an applied engineering laboratory dedicated to supporting the US Dept of Energy's missions in energy research, nuclear science and national defense including critical infrastructure protection.

MASS

MASS

MASS provides world-class capabilities in electronic warfare operational support, cyber security, information management, support to military operations and law enforcement.

Honeywell Process Solutions (HPS)

Honeywell Process Solutions (HPS)

Honeywell's Industrial Cyber Security Solutions help plants and critical infrastructure sectors defend the availability, reliability and safety of their industrial control systems.

RiskRecon

RiskRecon

RiskRecon makes it easy to gain deep, risk contextualized insight into the cybersecurity risk performance of all of your third parties.

Phakamo Tech

Phakamo Tech

Phakamo Tech offers a full set of governance, risk, compliance, cybersecurity and Microsoft Cloud services that include consulting, planning, implementation and cyber incident response.

Tide Foundation

Tide Foundation

Tide's breakthrough multi-party-cryptography enables TRUE-zero-trust technology that unlocks cyber-herd immunity.

Sekuro

Sekuro

Sekuro is your leading governance and cyber security partner. Building organisational resilience. Enabling fearless innovation.

Backslash Security

Backslash Security

With Backslash, AppSec teams gain visibility into critical risks in their apps based on reachability and exploitability.

Amtivo Ireland

Amtivo Ireland

Amtivo Ireland (formerly Certification Europe and EQA) offers a range of certifications and related services.

SecuLore

SecuLore

An innovator in public-safety-focused cybersecurity, SecuLore is dedicated to protecting critical infrastructure from cyber attacks.

Nordic Defender

Nordic Defender

Nordic Defender is the first crowd-powered modern cybersecurity solution provider in the Nordic region.

Cyber Dagger

Cyber Dagger

Cyber Dagger is a cybersecurity company driven by a mission to protect digital infrastructures and close the cybersecurity skills gap.

CyberGuardPro

CyberGuardPro

CyberGuardPro is a premier cybersecurity firm that prioritizes safeguarding businesses and individuals from the evolving landscape of digital threats.

North Pole Security

North Pole Security

North Pole Security provide Endpoint Protection For macOS. Meet Workshop, the first modern endpoint protection platform for macOS. Stop threats before they start while keeping the business moving.