EclecticIQ

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

U.S. Seeks to Incentivize Semiconductor Manufacturing Domestically

This issue of the Analyst Prompt looks at the latest attempts by the U.S. government to limit China’s access to high end technology, the continuation of ransomware groups targeting critical infrastructure and the recent claims by a hacktivist group.

EclecticIQ Threat Research Team September 14, 2022

tap-17-2022

Policy and Governance: U.S. Government Restricts AI Chips to China

U.S. government officials have instructed the American technology company NVIDIA to stop exporting products containing the A100 and H100, two high-end processors for artificial intelligence (AI) work, to China (1). The restrictions are intended to mitigate the risk that the processors are possibly used for military purposes (2). They will also affect cloud service providers and large internet companies in China, which are some of the biggest users of these types of processors (1). The Chinese Foreign Ministry responded to the restrictions by accusing the U.S. of a ‘tech blockade’ (2).

The U.S. continues to leverage its unique position as the major technology leader in chip design to maintain its superiority. In 2020, the Trump administration banned suppliers from selling chips using U.S. technology to Huawei without a special license (3). In the same year, Britain announced that Huawei would be stripped of its role in the UK’s 5G network (4), with U.S. pressure playing a major role in the decision (5). U.S. and allies’ sanctions have caused issues elsewhere. In Russia, companies that manufacture military equipment experience bottlenecks when procuring semiconductors, companies have difficulty accessing 5G hardware domestically, and local cloud service providers face challenges in increasing their number of servers (6).

Although the U.S. is a leader in processor design, chip manufacturing expertise has been centralized in the far east, especially in Taiwan. This shift toward production in the far-east has been exacerbated by Intel’s - a U.S. company - recent troubles in shrinking their node size to compete with Taiwan Semiconductor Manufacturing Company (TSMC) (7). The Biden administration passed the U.S. Chips Act on August 9th, 2022 (8) to encourage processor manufacturing on American soil. TSMC completed the construction of its fabrication plant in Arizona, with production expected to start in 2024 (9). The bill and U.S. technology have led South Korean companies Samsung Electronics and SK Hynix to rethink their exposure to China (10).

Globally, countries and trade blocs are realizing the importance of domestic chip manufacturing due to the supply chain vulnerabilities highlighted by the pandemic. On February 8th, 2022, the European Union (EU) adopted the European Chips Acts to encourage investment and partnerships to increase the EU’s chip manufacturing capability (11). The British government (12) and the London stock exchange (LSE) (13) are both lobbying the UK-based chip designer Arm to float on the LSE to keep chip design expertise on British shores.

Malware and Key Infrastructure and Critical Vulnerabilities: Ransomware Groups Continue to Target Government and Critical Infrastructure

Ransomware incidents continue to target government organizations and private companies providing critical infrastructure. Recently, the following organizations have been targeted by a ransomware group:

  • Cuba ransomware targeted the government of Montenegro (14)
  • Quantum ransom targeted the Dominican Republic’s Ministry of Agriculture (15)
  • Unknown ransomware targets a Chilean government agency (16)
  • A French hospital (17) was targeted with ransomware
  • BlackCat targeted Italy’s GSE (Electric Service) (18)

Organizations related to government and critical infrastructure are still major targets for ransomware groups due to the likelihood of payout. This trend has been occurring for the past couple of years; in 2021 ransomware was the number one attack vector on critical infrastructure (19). In 2021, 649 critical organizations belonging to a critical infrastructure sector were victims of a ransomware attack, with 14 out of 16 critical infrastructure sectors falling victim to ransom attacks (20).

New and Noteworthy: Tiktok Denies Breach of User Data

On September 3rd, on the Breach Forums message board, a user with the handle AgainstTheWest claimed to have stolen data from TikTok and WeChat. The user included a link to samples of the data as well as a video of database tables. According to the post, the group collected two billion records from the database and stole the internal backend source code of TikTok. TikTok stated that they investigated these claims and found no evidence of a security breach and the stolen code is “completely unrelated to TikTok’s backend source code” (21).

AgainstTheWest (ATW) is a western European hacktivist group that has allegedly targeted China and Russia since October 2021. They target countries they perceive to be a threat to western society with the aim of leaking sensitive data. ATW stated they plan to target North Korea, Belarus, and Iran in the future. They claim they do not use ransomware, that they will never target the West and they have received requests for data from contacts they believe to be involved with nation-state governments (22).

About EclecticIQ Threat Research

EclecticIQ is a global provider of threat intelligence, hunting, and response technology and services. Headquartered in Amsterdam, the EclecticIQ Threat Research team is made up of experts from Europe and the U.S. with decades of experience in cyber security and intelligence in industry and government.

We would love to hear from you. Please send us your feedback by emailing us at research@eclecticiq.com or fill in the EclecticIQ Audience Interest Survey to drive our research towards your priority area.

Structured Data

Find the Analyst Prompt and earlier editions in our public TAXII collection for easy use in your security stack.

TAXII v1 Discovery services: https://cti.eclecticiq.com/taxii/discovery

Please refer to our support page for guidance on how to access the feeds.

You might also be interested in:

Network Environment-Focused Conversations Needed in Approaches to Cyber Security

Emotet Downloader Document Uses Regsvr32 for Execution

AI Facial Recognition Used in Ukraine/Russia War Prone to Vulnerabilities

Appendix

  1. https://www.ft.com/content/7005d5d2-b02f-4092-a35c-8b44889a5f90
  2. https://www.reuters.com/technology/nvidia-says-us-has-imposed-new-license-requirement-future-exports-china-2022-08-31/
  3. https://www.businessinsider.com/new-us-sanctions-to-slam-huawei-further-roil-tech-supply-2020-8
  4. https://www.theguardian.com/technology/2020/jul/14/huawei-to-be-stripped-of-role-in-uk-5g-network-by-2027-dowden-confirms
  5. https://www.theguardian.com/technology/2020/jul/18/pressure-from-trump-led-to-5g-ban-britain-tells-huawei
  6. https://www.ft.com/content/caf2cd3c-1f42-4e4a-b24b-c0ed803a6245
  7. https://www.spglobal.com/marketintelligence/en/news-insights/latest-news-headlines/intel-faces-years-of-struggle-if-it-wants-to-catch-surpass-rival-amd-62297105
  8. https://www.whitehouse.gov/briefing-room/statements-releases/2022/08/09/fact-sheet-chips-and-science-act-will-lower-costs-create-jobs-strengthen-supply-chains-and-counter-china/
  9. https://www.tomshardware.com/news/tsmc-fab-21-arizona
  10. https://www.ft.com/content/0b997942-93bd-4a67-9784-928af2641738
  11. https://ec.europa.eu/commission/presscorner/detail/en/statement_22_866
  12. https://www.theguardian.com/business/2022/may/03/boris-johnson-uk-chip-designer-arm-list-london
  13. https://www.bloomberg.com/news/articles/2022-07-21/lse-in-fight-for-arm-to-list-in-london-says-ceo-hoggett
  14. https://www.reuters.com/world/europe/montenegro-blames-criminal-gang-cyber-attacks-government-2022-08-31/
  15. https://hoy.com.do/hackers-atacan-el-iad-piden-unos-us600-mil-para-devolverle-datos/
  16. https://www.csirt.gob.cl/noticias/alerta-de-seguridad-cibernetica-incidente-en-servicio-publico/
  17. https://www.lemonde.fr/pixels/article/2022/08/22/un-hopital-de-l-essonne-victime-d-une-cyberattaque-son-activite-fortement-perturbee_6138677_4408996.html
  18. https://www.reuters.com/technology/ransomware-group-blackcat-behind-italys-gse-hacking-researchers-say-2022-09-02/
  19. https://www.csoonline.com/article/3651370/ransomware-is-top-attack-vector-on-critical-infrastructure.html
  20. https://www.ic3.gov/Media/PDF/AnnualReport/2021_IC3Report.pdf
  21. https://www.forbes.com/sites/daveywinder/2022/09/06/has-tiktok-us-been-hacked-and-2-billion-database-records-stolen/?sh=3b3c9a8d105d
  22. https://cyberknow.medium.com/an-interview-with-againstthewest-b7aa1625fc4f

Receive all our latest updates

Subscribe to receive the latest EclecticIQ news, event invites, and Threat Intelligence blog posts.

Explore all topics

© 2014 – 2024 EclecticIQ B.V.
EclecticIQ. Intelligence, Automation, Collaboration.
Get demo