The Semiconductor Shortage Is Causing Cyber Security Problems

Uploaded on 2021-07-26 in TECHNOLOGY--Resilience, TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

With only a few companies dominating global semiconductor manufacturing, a problem with any one can have significant repercussions and the semiconductor supply chain is already fragile from globally disrupted supply chains caused by Coronavirus. 

Increasingly, hardware can be the entry point for a cyber attack. Demand for consumer electronics, including laptops and video games consoles, soared as people moved to work from home and looked for new ways of entertainment. As the use of electronic devices grows, their components have become increasingly vulnerable to malicious tampering and counterfeiting in ways that could compromise the safety of cars, airplanes, electric grids and defense systems. 

Among them are semiconductor chips that make it possible for electronic devices to process, store and transmit data. To address this risk, several universities in the US have established a new research center focused on protecting the security of semiconductors. 

Led by the University of Cincinnati, the new Center for Hardware and Embedded Systems Security and Trust (CHEST), is a National Science Foundation Industry-University Cooperative Research Center that serves as a hub for industry-focused research and currently comprises 23 members across industry and governmental laboratories. The University of Texas leads the consortium’s research on the security and trust of wireless communication devices, threat detection and prevention, protection of intellectual property from unauthorized use, and provenance attestation, which involves a record that describes entities and processes involved in producing the devices.

Dr. Yiorgos Makris, professor of electrical and computer engineering in the Erik Jonsson School of Engineering and Computer Science, University of Texas said: “Suppose a bad actor replaces a chip during a service or upgrade, enabling capabilities that can cause the power distribution network to fail... Semiconductor tampering also has implications for consumer electronics, such as wireless communication devices, where private data may be leaked by untrusted chips, or the automotive industry, where safety may be compromised by counterfeit parts.” 

The global shortage of semiconductors increases the risk of the use of counterfeit parts, Makris said. Desperate suppliers or consumers turn to the gray market to find partsCompanies that design the chips potentially can lose control of what happens to their intellectual property during the manufacturing process.

While the US is a leader in semiconductor design, most of the manufacturing has shifted progressively out of the country over the past 30 years, leaving the US vulnerable to supply chain disruptions out of its control, according to an April 2021 study by the Semiconductor Industry Association. 

Verdict:        Talent 101:      CNBC:      Enterprise Times:        IHLS:     Image: Unsplash

You Might Also Read: 

Taiwan Company Guilty Of Semiconductor IP Theft:

 

« Military Intelligence: British Army Operation Using AI
Security Orchestration Can Help Business SOAR »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ATSEC Information Security

ATSEC Information Security

ATSEC is an independent, privately-owned company that focuses on providing laboratory and consulting services for information security.

Apicrypt

Apicrypt

Apicrypt enables secure communications between health professionals by using strong encryption technologies.

CONCERT

CONCERT

CONCERT is a Computer Emergency Response Team and cyber security information sharing network for companies, institutes and government in Korea.

Hitachi Systems Security

Hitachi Systems Security

Hitachi Systems Security provides customized services for monitoring and protecting the most critical and sensitive IT assets in our clients’ infrastructures 24/7.

Blue Lights Digital

Blue Lights Digital

Blue Lights Digital have developed a range of platforms to support digital investigations, as well as providing continued support and education for investigations professionals.

Exeon Analytics

Exeon Analytics

Exeon Analytics is a Swiss cyber security company that is specialized in detecting hidden data breaches and advanced cyber attacks.

Anitian

Anitian

The Anitian Compliance Automation platform builds, configures, and monitors cloud environments to accelerate compliance for standards such as FedRAMP, PCI, ISO/GDPR and CJIS.

Brimondo

Brimondo

At Brimondo we help you to maximize and protect your brand value by being a proactive and strategic partner within brand protection with experts within intellectual property and digital assets.

RapidScale

RapidScale

RapidScale’s managed cloud solutions provide reliable, innovative, and secure services, all complete with white-glove service and full management options.

Blue Lance

Blue Lance

Blue Lance is a global provider of cybersecurity governance solutions. Our software solutions automatically collect and store the information necessary for investigations, audit and compliance.

Privacyware

Privacyware

Privacyware's ThreatSentry combines a state-of-the-art Web Application Firewall and port-level firewall with advanced behavioral filtering to block unwanted IIS traffic and web application threats.

CyberSafe

CyberSafe

CyberSafe is a Portuguese company with a focus on cybersecurity solutions and services including network security, managed security, incident response and forensic analysis.

European Center for CyberSecurity in Aviation (ECCSA)

European Center for CyberSecurity in Aviation (ECCSA)

ECCSA is a cooperative partnership within the aviation community to better understand emerging cybersecurity risks in aviation and provide collective support in dealing with cybersecurity incidents.

ShellBoxes

ShellBoxes

ShellBoxes are a leading Web3 company focused on providing top-notch blockchain security and development services.

Delta Partners

Delta Partners

Delta Partners is a venture capital firm investing in Ireland and the United Kingdom with a strong focus on early stage technology companies.

Sonar

Sonar

AI generated or written by humans, Sonar’s Clean Code Solutions cover your code quality needs, improving code reliability, maintainability, and security.