Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Chip Maker. Show all posts

Chinese Hackers Lurked for Over Two Years to Steal NXP's Chipmaking IP

 

Chinese-affiliated hacker group Chimaera secured access to the network of the massive Dutch semiconductor company NXP for more than two years, from late 2017 to the start of 2020, NRC reported.During this time, the notorious hackers allegedly stole intellectual property, including chip designs; however, the full extent of the theft has yet to be revealed. NXP is Europe's largest chipmaker, and the scale and scope of the disclosed attack is alarming. 

The report claims that the hackers lurked in the company's network for almost 2.5 years before the breach was discovered; the Dutch airline Transavia, a subsidiary of KLM, was the target of a similar attack. In September 2019, hackers gained access to Transavia's reservation systems. The NXP hack was discovered as a result of communications with NXP IPs found during an investigation into the Transavia hack. The attack uses the ChimeRAR hacker tool, which is one of the defining characteristics of the Chimaera hacking group. 

To gain access to NXP, the hackers first used credentials extracted from previous data leaks on platforms such as LinkedIn or Facebook, and then used brute force attacks to guess passwords. They also got around double authentication by changing phone numbers. The attackers were patient, only checking for new data to steal every few weeks, and then snuck the data out by uploading encrypted files to online cloud storage services such as Microsoft's OneDrive, Dropbox, and Google Drive. 

Being a significant player in the global semiconductor market, NXP gained even more clout in 2015 when it purchased the American company Freescale. NXP is well-known for creating secure Mifare chips for Dutch public transport in addition to secure components for the iPhone, specifically Apple Pay.

NXP claims that the breach did not cause material damage, despite acknowledging that its intellectual property had been stolen. The company cites the complexity of the stolen data as a barrier to easy design replication. According to the NRC, the company felt no need to notify the public as a result. 

NXP apparently strengthened its network security after the breach. The business tightened its internal data accessibility and transfer policies and upgraded its monitoring systems. These preventative measures were meant to avert future incidents of the same kind, preserve the network's integrity, and protect the company's valuable intellectual property.

Netherlands Restricts Key Tech Exports in US-China Chip Battle

According to sources, the Netherlands government would impose export limits on the nation's most cutting-edge microprocessor technology in order to safeguard national security.

Products manufactured by ASML, a significant company in the worldwide semiconductor supply chain, will be subject to the embargo. China has filed a formal complaint about the action in response.

The administration of US President Joe Biden has put restrictions on semiconductor exports to its chief superpower rival in an effort to halt the development of cutting-edge technology that might be employed in military modernization and human rights abuses as geopolitical tensions between the US and China increase. The US has also pressed its international allies to follow suit.

The Dutch trade minister, Ms. Schreinemacher, said that the Dutch government had taken into account the technological changes and geopolitical environment, but did not specifically mention China or ASML. To export technology, including the most modern Deep Ultra Violet (DUV) immersion lithography and deposition, enterprises would now need to apply for licenses.

The firm stated that it "does not expect these steps to have a major impact on our financial projection that we have released for 2023 or for our longer-term scenarios as indicated during our Investor Day in November last year."

No matter where in the globe the chips were produced, Washington stated in October that it would want licenses from businesses exporting them to China using US equipment or software.

The US position on semiconductors has drawn criticism from South Korea's trade ministry this week. The South Korean government shall make it abundantly clear that the terms of the Chips Act may increase economic uncertainty, undermine companies' management and intellectual property rights, and lessen the allure of investing in the United States. 


Chip Maker ADATA Attacked by Ragnar Locker Ransomware Group

 

ADATA, a Taiwan-based leading memory and storage manufacturer, was forced to take its systems offline after a ransomware attack crippled its network in late May. 

ADATA is known for manufacturing superior DRAM memory modules, NAND nonvolatile storage cards, mobile accessories, gaming products, diversion products, wattage trains, and industrial solutions.

ADATA admitted in an email to Bleeping Computer that it was hit by a ransomware attack on May 23, 2021, and responded by shutting down the impacted systems and notifying all relevant international authorities of the ransomware attack. However, the firm claims that its business operations are no longer disrupted and that it is busy restoring the affected devices. 

ADATA didn’t offer info on the ransomware operation behind the incident or any ransom demands. However, Bleeping Computer says that the Ragnar Locker ransomware gang has already taken the responsibility for the ADATA attack. In fact, Ragnar Locker says that they have allegedly taken one 1.5TB of sensitive information from ADATA’s computers before deploying the ransomware. 

So far, the ransomware gang has posted screenshots of the stolen files in order to prove their claims. However, they’re threatening to leak the rest of the data if the memory manufacturer does not pay the ransom. Chip manufacturers have become a lucrative target for ransomware operators, who can use the threat of downtime, which can prove to be a lot more costly in these turbulent times than the ransom, as another bargaining chip.

Security researchers discovered the Ragnar Locker ransomware in late December 2019. The gang operates by targeting enterprise endpoints and terminating remote management computer code (such as ConnectWise and Kaseya) installed by managed service suppliers (MSPs) to manage clients’ systems remotely.

In November 2020, the FBI said that Ragnar Locker Ransomware targeted "cloud service providers, communication, construction, travel, and enterprise software companies." The attack on ADATA is significant also because of its timing, as it comes in the midst of the ongoing chip shortage. With manufacturers struggling to keep pace with the demands, any downtime could further delay the industry's recovery. 

ADATA stated to BleepingComputer that it is "determined to devote ourselves making the system protected than ever, and yes, this will be our endless practice while the company is moving forward to its future growth and achievements."