The Semiconductor Shortage Is Causing Cyber Security Problems

Uploaded on 2021-07-26 in TECHNOLOGY--Resilience, TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

With only a few companies dominating global semiconductor manufacturing, a problem with any one can have significant repercussions and the semiconductor supply chain is already fragile from globally disrupted supply chains caused by Coronavirus. 

Increasingly, hardware can be the entry point for a cyber attack. Demand for consumer electronics, including laptops and video games consoles, soared as people moved to work from home and looked for new ways of entertainment. As the use of electronic devices grows, their components have become increasingly vulnerable to malicious tampering and counterfeiting in ways that could compromise the safety of cars, airplanes, electric grids and defense systems. 

Among them are semiconductor chips that make it possible for electronic devices to process, store and transmit data. To address this risk, several universities in the US have established a new research center focused on protecting the security of semiconductors. 

Led by the University of Cincinnati, the new Center for Hardware and Embedded Systems Security and Trust (CHEST), is a National Science Foundation Industry-University Cooperative Research Center that serves as a hub for industry-focused research and currently comprises 23 members across industry and governmental laboratories. The University of Texas leads the consortium’s research on the security and trust of wireless communication devices, threat detection and prevention, protection of intellectual property from unauthorized use, and provenance attestation, which involves a record that describes entities and processes involved in producing the devices.

Dr. Yiorgos Makris, professor of electrical and computer engineering in the Erik Jonsson School of Engineering and Computer Science, University of Texas said: “Suppose a bad actor replaces a chip during a service or upgrade, enabling capabilities that can cause the power distribution network to fail... Semiconductor tampering also has implications for consumer electronics, such as wireless communication devices, where private data may be leaked by untrusted chips, or the automotive industry, where safety may be compromised by counterfeit parts.” 

The global shortage of semiconductors increases the risk of the use of counterfeit parts, Makris said. Desperate suppliers or consumers turn to the gray market to find partsCompanies that design the chips potentially can lose control of what happens to their intellectual property during the manufacturing process.

While the US is a leader in semiconductor design, most of the manufacturing has shifted progressively out of the country over the past 30 years, leaving the US vulnerable to supply chain disruptions out of its control, according to an April 2021 study by the Semiconductor Industry Association. 

Verdict:        Talent 101:      CNBC:      Enterprise Times:        IHLS:     Image: Unsplash

You Might Also Read: 

Taiwan Company Guilty Of Semiconductor IP Theft:

 

« Military Intelligence: British Army Operation Using AI
Security Orchestration Can Help Business SOAR »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Intrinsic-ID

Intrinsic-ID

Intrinsic-ID's authentication technology creates unique IDs and keys to authenticate chips, data, devices and systems.

ProPay

ProPay

ProPay provides secure payment solutions for organizations ranging from small businesses to large enterprises requiring complex payment solutions.

Entreda

Entreda

Entreda offers a unified platform to automate cybersecurity and compliance policy enforcement for your devices, users, networks, applications.

Assac Networks

Assac Networks

Assac Networks ShieldIT is an app that completely protects any BYOD smartphone from both tapping and hacking.

NTIC Cyber Center - USA

NTIC Cyber Center - USA

NTIC Cyber Center is an organization dedicated to making the National Capital Region (Washington DC) more resilient to cyber-attacks.

In Fidem

In Fidem

In Fidem specializes in information security management, with a bold approach that views cybersecurity as a springboard to organizational transformation rather than a barrier to innovation.

RocketCyber

RocketCyber

RocketCyber is a Managed SOC platform empowering Managed Service Providers (MSPs) to deliver security services to small and medium businesses.

Rayzone Group

Rayzone Group

Rayzone Group offers a wide range of Cyber Security solutions and services, providing hollistic protection suitable for both enterprises and National cyber security centers.

Liminal

Liminal

Liminal is a boutique strategy advisory firm serving digital identity, fintech, and cybersecurity clients, and the private equity / venture capital community.

Roberts & Obradovic Law

Roberts & Obradovic Law

Roberts & Obradovic Law Group is a corporate, privacy, employment and litigation law firm.

WillJam Ventures

WillJam Ventures

WillJam Ventures are a private equity firm focused on investing in world-class cybersecurity companies that will become the next generation of leaders in protecting the world’s digital assets.

Huntr

Huntr

Huntr provides a single place for security researchers to submit vulnerabilities, to ensure the security and stability of AI/ML applications.

Tamnoon

Tamnoon

Tamnoon is the Managed Cloud Detection and Response platform that helps you turn CNAPP and CSPM alerts into action and fortify your cloud security posture.

SGS Brightsight

SGS Brightsight

SGS Brightsight is the largest independent security evaluation lab in the world, with ten recognised labs worldwide.

Bonfy.AI

Bonfy.AI

Bonfy.AI prevents incidents in the use and communication of AI and human generated content, providing visibility and proactive risk mitigation of confidentiality, privacy, and compliance.

Sailo Technologies

Sailo Technologies

Sailo.Technologies is a revolutionary company in Blockchain security, integrating advanced cryptographic technologies to defend transactions and digital assets.