The Semiconductor Shortage Is Causing Cyber Security Problems

Uploaded on 2021-07-26 in TECHNOLOGY--Resilience, TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

With only a few companies dominating global semiconductor manufacturing, a problem with any one can have significant repercussions and the semiconductor supply chain is already fragile from globally disrupted supply chains caused by Coronavirus. 

Increasingly, hardware can be the entry point for a cyber attack. Demand for consumer electronics, including laptops and video games consoles, soared as people moved to work from home and looked for new ways of entertainment. As the use of electronic devices grows, their components have become increasingly vulnerable to malicious tampering and counterfeiting in ways that could compromise the safety of cars, airplanes, electric grids and defense systems. 

Among them are semiconductor chips that make it possible for electronic devices to process, store and transmit data. To address this risk, several universities in the US have established a new research center focused on protecting the security of semiconductors. 

Led by the University of Cincinnati, the new Center for Hardware and Embedded Systems Security and Trust (CHEST), is a National Science Foundation Industry-University Cooperative Research Center that serves as a hub for industry-focused research and currently comprises 23 members across industry and governmental laboratories. The University of Texas leads the consortium’s research on the security and trust of wireless communication devices, threat detection and prevention, protection of intellectual property from unauthorized use, and provenance attestation, which involves a record that describes entities and processes involved in producing the devices.

Dr. Yiorgos Makris, professor of electrical and computer engineering in the Erik Jonsson School of Engineering and Computer Science, University of Texas said: “Suppose a bad actor replaces a chip during a service or upgrade, enabling capabilities that can cause the power distribution network to fail... Semiconductor tampering also has implications for consumer electronics, such as wireless communication devices, where private data may be leaked by untrusted chips, or the automotive industry, where safety may be compromised by counterfeit parts.” 

The global shortage of semiconductors increases the risk of the use of counterfeit parts, Makris said. Desperate suppliers or consumers turn to the gray market to find partsCompanies that design the chips potentially can lose control of what happens to their intellectual property during the manufacturing process.

While the US is a leader in semiconductor design, most of the manufacturing has shifted progressively out of the country over the past 30 years, leaving the US vulnerable to supply chain disruptions out of its control, according to an April 2021 study by the Semiconductor Industry Association. 

Verdict:        Talent 101:      CNBC:      Enterprise Times:        IHLS:     Image: Unsplash

You Might Also Read: 

Taiwan Company Guilty Of Semiconductor IP Theft:

 

« Military Intelligence: British Army Operation Using AI
Security Orchestration Can Help Business SOAR »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Parasoft

Parasoft

Parasoft is an independent software testing and software quality assurance tool and solution vendor.

CCL Solutions Group

CCL Solutions Group

CCL is one of Europe’s leading digital investigation specialists, supporting law enforcement, government and organisations across both public and private sectors.

Rockwell Automation

Rockwell Automation

Rockwell Automation offer industrial security solutions to protect the integrity and availability of your complex automation solutions.

A-SIT Secure Information Technology Center

A-SIT Secure Information Technology Center

A-SIT was founded in 1999 as a registered nonprofit association and is established as a competence center for IT-Security.

CONCERT

CONCERT

CONCERT is a Computer Emergency Response Team and cyber security information sharing network for companies, institutes and government in Korea.

Airbus Cybersecurity

Airbus Cybersecurity

Airbus CyberSecurity is a European specialist in cyber security. Our mission is to protect governments, military and critical national infrastructure enterprises from cyber threats.

Professional Insurance Agents (PIA)

Professional Insurance Agents (PIA)

Professional Insurance Agents (PIA) offer commercial insurance services including Cyber Liability insurance.

GuardiCore

GuardiCore

GuardiCore is an innovator in internal data center security and breach detection and is transforming security inside data centers and clouds.

SecureBrain

SecureBrain

SecureBrain software and services help protect against Japanese-specific cybercrime and global internet security threats such as online fraud, phishing, drive-by downloads and malware attacks.

Capy

Capy

Capy's SaaS-based security solutions will protect your website from bots, spam, humans and more.

IAmI Authentications

IAmI Authentications

IAmI is a first in Tokenization Cloud-based IAM Security Services, delivering the most advanced form of Two-Factor Authentication.

Beyond Identity

Beyond Identity

Beyond Identity employs an elegantly simple concept, the personal certificate authority and self signed certificates, to replace passwords.

Sharktech

Sharktech

Sharktech designs, develops, and supports advanced DDoS protection and web technologies.

Action1

Action1

Action1 is a Cloud-based lightweight endpoint security platform that discovers all of your endpoints in seconds and allows you to retrieve live security information from the entire network.

FirstWave Cloud Technology

FirstWave Cloud Technology

FirstWave Cloud Technology is a global cyber security company which has been delivering Cybersecurity-as-a-service solutions to the market since 2004.

Open Data Security (ODS)

Open Data Security (ODS)

Open Data Security is a market leader in the information security sector, offering services to companies, governments and individuals, helping them shield from hackers and cyber attacks.

Noetic Cyber

Noetic Cyber

Noetic provides a proactive approach to cyber asset and controls management, empowering security teams to see, understand, and optimize their cybersecurity posture.

Lighthouse IT

Lighthouse IT

At Lighthouse IT, we are focused on delivering seamless and reliable services to unlock the value of technology for your business.