CyCraft
Published in

CyCraft

CyCraft Collaborates with Semiconductor Industry to Strengthen Supply Chain Security

Taipei, Taiwan — January 3, 2022 — CyCraft, a leading managed detection and response provider (MDR) based in Taiwan, joined hands with organizations in the Semiconductor industry, cybersecurity firms, government agencies, and academia in promoting the newly formed Semiconductor Supply Chain Cybersecurity Alliance (半導體供應鏈資安聯盟) at SEMICON Taiwan 2021.

SEMI — the global industry association of international electronic equipment manufacturers — and Taiwan Semiconductor Manufacturing Company (TSMC) have been working hard on strengthening cybersecurity standards across the semiconductor supply chain and prioritizing four key areas: operation system specifications, network-related security, endpoint security, and continuous monitoring.

Taiwan companies supply roughly 63% of the global semiconductor market share.

SEMI CMO and SEMI Taiwan President Terry Tsao (曹世綸) stated his increasing concerns regarding cybersecurity in the semiconductor industry as more and more professional and state-sponsored (and state-ignored) hacker groups are targeting the high-tech manufacturing and semiconductor industries. Taiwan is a critical link in the global semiconductor supply chain as Taiwan companies supply roughly 63% of the global semiconductor market share and over 80 percent of advanced 5nm chip production. During this current global shift towards digitalization in all industries, manufacturers face numerous risks and challenges.

“These challenges are present due to industry constraints — not just tech limitations. One of the biggest security issues in manufacturing is integrating modern AI-driven solutions, like ours, into legacy hardware and software. This presents unique challenges. Hardware diversity and high availability are some of the main concerns of ICS. PLC’s don’t offer the same computing environments as full operating systems, leading to different approaches to security than we see in office IT environments; upgrading every OS patch could cost companies millions of dollars in downtime — which isn’t an option given the industry’s competitive environment. This leads to legacy solutions, even those way past their end of life date, to still be in use; hackers, who continue to find bugs and develop new techniques, can thrive in this terrain, so it’s paramount that we work with organizations like SEMI to find the best middle ground to better achieve security goals for the industry.”
— Chad Duffy, CyCraft Global Product Manager

Call to Action

In the last few years, the Taiwan superconductor supply chain has been heavily impacted by cyberattacks. In 2017, several semiconductor manufacturers (as well as other industries worldwide) were hit by WannaCry ransomware. TSMC immediately began scanning its entire network for any signs of breach. In August 2018, TSMC reported that “a supplier installed tainted software without a virus scan.” The malware rapidly spread to multiple endpoints in some of the TSMC’s more advanced facilities. TSMC had to shut down several of its chip fabrication factories over a weekend for remediation. This led to a severe impact on the global supply chain and raised significant concerns in the industry.

The Semiconductor Supply Chain Security Alliance (半導體供應鏈資安聯盟), established by SEMI Taiwan, has been working with Taiwan companies and factories to formulate effective semiconductor cybersecurity standards to ensure severe incidents — such as the 2018 incident, do not happen again.

TSMC Head of Corporate Information Security and Chairman of SEMI Taiwan Cybersecurity Committee Dr. James Tu (屠震) stated that the issue of cybersecurity is an issue of national security; enterprises should not only take responsibility for their own cybersecurity but also assist both upstream and downstream partners in strengthening the overall security of the entire supply chain.

Action Taken

At SEMICON Taiwan 2021, SEMI CMO and SEMI Taiwan President Terry Tsao (曹世綸) announced that January 2022 would see the launch of the new semiconductor cybersecurity standard officially regarded as SEMI E187-Specifications for Cybersecurity of Fab Equipment. This new standard covers four major areas:

  • Operating System Specifications: All equipment and hardware need to use either current (non-legacy and non-deprecated) OS or long-term supported OS with security updates and tools for maintenance.
  • Network-Related Security: IT personnel must be able to close unused services and monitor the use and management of high-risk TCP/UDP ports, as well as be provided configuration and setting-related instructions for all equipment and hardware.
  • Endpoint Security: While detection and response capabilities are preferred, all devices need self-protection mechanisms, such as anti-virus, application allowlists, and vulnerability scanning.
  • Continuous Monitoring: All hardware must be able to support access control and provide functionality for continuous cybersecurity monitoring.

With the discovery of several critical-level vulnerabilities, 2021 proved to be a challenging year for the cybersecurity industry. Securing only your own organization is no longer enough, as modern supply chain attacks have proven to have unprecedented blast radii.

The SEMI E187 security standard has been years in the making and signals the first of many significant steps towards increasing the overall cyber resilience of the entire global semiconductor supply chain.

Everything Starts From Security

CyCraft Customers can prevent cyber intrusions from escalating into business-altering incidents. From endpoint to network, from investigation to blocking, from in-house to cloud, CyCraft AIR covers all aspects required to provide small, medium, and large organizations with the proactive, intelligent, and adaptable security solutions needed to defend from all manner of modern security threats with real-time protection and visibility across the organization.

Engage with CyCraft

Blog | LinkedIn | Twitter | Facebook | CyCraft

CyCraft secures government agencies, police and defense organizations, Fortune Global 500 firms, top banks and financial institutions, critical infrastructure, airlines, telecommunications, hi-tech firms, SMEs, and more by being Fast / Accurate / Simple / Thorough.

CyCraft powers SOCs using innovative AI-driven technology to automate information security protection with built-in advanced managed detection and response (MDR), global cyber threat intelligence (CTI), smart threat intelligence gateway (TIG) and network detection and response (NDR), security operations center (SOC) operations software, auto-generated incident response (IR) reports, enterprise-wide Health Check (Compromise Assessment, CA), and Secure From Home services. Everything Starts From Security.

Meet your cyber defense needs in the 2020s by engaging with CyCraft at engage@cycraft.com

Additional Resources

  • Read our latest white paper to learn what threat actors target Taiwan, their motivations & how Taiwan organizations retain resilience against some of the most sophisticated and aggressive cyber attacks in the world.
  • Is your SOC prepared for the next decade of cyber attacks? Read our latest report on building effective SOCs in the 2020s, the challenges to overcome, and the stressors to avoid — includes research from Gartner, Inc. on why Midsize enterprises are embracing MDR providers.
  • New to the MITRE Engenuity ATT&CK Evaluations? START HERE for a fast, accurate, simple, thorough introductory guide to understanding the results.
  • Our CyCraft AIR security platform achieved a 96.15% Signal-to-Noise Ratio with zero configuration changes and zero delayed detections straight out of the box.

--

--

--

Everything Starts From Security

Recommended from Medium

CHIM Listing Issues Successfully Resolved And Explained

Roadmap & FAQ SmartDollar.finance

Network Protocols and Firewall Rules

Android Vulnerability — Notification Listener Service HACKS for chat applications

Screenshot of my app

Crust Network Partners with Flow to Introduce Decentralized Storage Solutions

OverTheWire-Bandit

The ‘Missing Link’ To Secure Communication (Part - 3)

GummyBull smart contracts audit report

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
CyCraft Technology Corp

CyCraft Technology Corp

CyCraft automates SOC ops for the Fortune Global 500, national govs, & SMEs with MDR, IR, & threat hunting solutions. Learn more at CyCraft.com

More from Medium

Detecting memfd_create linux fileless malware with EBPF

SOC143 — Password Stealer Detected (Letsdefend.io) step-by-step analysis

Self-Testing: Red Team Augmentation

Analyzing log files — Juicy Details