The Semiconductor Shortage Is Causing Cyber Security Problems

With only a few companies dominating global semiconductor manufacturing, a problem with any one can have significant repercussions and the semiconductor supply chain is already fragile from globally disrupted supply chains caused by Coronavirus. 

Increasingly, hardware can be the entry point for a cyber attack. Demand for consumer electronics, including laptops and video games consoles, soared as people moved to work from home and looked for new ways of entertainment. As the use of electronic devices grows, their components have become increasingly vulnerable to malicious tampering and counterfeiting in ways that could compromise the safety of cars, airplanes, electric grids and defense systems. 

Among them are semiconductor chips that make it possible for electronic devices to process, store and transmit data. To address this risk, several universities in the US have established a new research center focused on protecting the security of semiconductors. 

Led by the University of Cincinnati, the new Center for Hardware and Embedded Systems Security and Trust (CHEST), is a National Science Foundation Industry-University Cooperative Research Center that serves as a hub for industry-focused research and currently comprises 23 members across industry and governmental laboratories. The University of Texas leads the consortium’s research on the security and trust of wireless communication devices, threat detection and prevention, protection of intellectual property from unauthorized use, and provenance attestation, which involves a record that describes entities and processes involved in producing the devices.

Dr. Yiorgos Makris, professor of electrical and computer engineering in the Erik Jonsson School of Engineering and Computer Science, University of Texas said: “Suppose a bad actor replaces a chip during a service or upgrade, enabling capabilities that can cause the power distribution network to fail... Semiconductor tampering also has implications for consumer electronics, such as wireless communication devices, where private data may be leaked by untrusted chips, or the automotive industry, where safety may be compromised by counterfeit parts.” 

The global shortage of semiconductors increases the risk of the use of counterfeit parts, Makris said. Desperate suppliers or consumers turn to the gray market to find partsCompanies that design the chips potentially can lose control of what happens to their intellectual property during the manufacturing process.

While the US is a leader in semiconductor design, most of the manufacturing has shifted progressively out of the country over the past 30 years, leaving the US vulnerable to supply chain disruptions out of its control, according to an April 2021 study by the Semiconductor Industry Association. 

Verdict:        Talent 101:      CNBC:      Enterprise Times:        IHLS:     Image: Unsplash

You Might Also Read: 

Taiwan Company Guilty Of Semiconductor IP Theft:

 

« Military Intelligence: British Army Operation Using AI
Security Orchestration Can Help Business SOAR »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Rackspace Technology

Rackspace Technology

Rackspace Technology is a leading provider of managed services across all major public and private cloud technologies. Secure your IT environments with powerful cloud security solutions and support.

Allen & Overy

Allen & Overy

Allen & Overy is an international law firm. Practice areas include Cybersecurity and Data Protection.

Avatu

Avatu

Avatu specialise in providing clients the advice, technology and tools they need to fight cyber and insider threats.

Competence Center for Applied Security Technology (CAST)

Competence Center for Applied Security Technology (CAST)

CAST offers a range of services in the field of secure modern information technology and a contact point for all questions regarding IT security.

The Data Privacy Group

The Data Privacy Group

The Data Privacy Group provide expert professional services underpinned by world leading automation tools and a consulting team specialized in privacy and data protection.

Buglab

Buglab

The Buglab contest and Vigilante Protocol help companies all over the world to discover and fix vulnerabilities on their digital solutions or assets.

Aptiv

Aptiv

Aptiv is a global technology company that develops safer, greener and more connected solutions enabling the future of mobility.

BHC Laboratory

BHC Laboratory

BHC Laboratory is a cyber capabilities’ development company for a wide range of global customers.

Soffid

Soffid

Soffid provides full Single-Sign-On experience and full Identity and Access Management features by policy-based centralised orchestration of user identities.

KT Secure

KT Secure

KTSecure’s mission is to provide proven and productive cyber security solutions and managed services, backed by our highly qualified and passionate team of experts.

META-Cyber

META-Cyber

META-cyber was founded by engineers with experience in process and control-protection to provide cyber security for industrial infrastructure.

SubCom

SubCom

How Much Do You Trust Your Endpoint? With our ‘Habituation Neural Fabric’ based endpoint security platform, you can observe and manage the Trust Score of your endpoints in real-time.

Ruptura InfoSecurity

Ruptura InfoSecurity

Ruptura InfoSecurity provide CREST Accredited Penetration Testing & Offensive Security Services. We secure your critical assets through targeted and research driven penetration testing.

Leostream

Leostream

Leostream's Remote Desktop Access Platform enables seamless work-from-anywhere flexibility while maintaining security and constant visibility of users.

SecureFlag

SecureFlag

SecureFlag is dedicated to enhancing secure coding across all technical profiles within the Software Development Lifecycle.

Orchid Security

Orchid Security

Orchid Security provides unprecedented insight and action to your identity security with the help of advanced technologies like Large Language Models (LLM).