U.S. Seeks to Incentivize Semiconductor Manufacturing Domestically

Policy and Governance: U.S. Government Restricts AI Chips to China

U.S. government officials have instructed the American technology company NVIDIA to stop exporting products containing the A100 and H100, two high-end processors for artificial intelligence (AI) work, to China (1). The restrictions are intended to mitigate the risk that the processors are possibly used for military purposes (2). They will also affect cloud service providers and large internet companies in China, which are some of the biggest users of these types of processors (1). The Chinese Foreign Ministry responded to the restrictions by accusing the U.S. of a ‘tech blockade’ (2).

The U.S. continues to leverage its unique position as the major technology leader in chip design to maintain its superiority. In 2020, the Trump administration banned suppliers from selling chips using U.S. technology to Huawei without a special license (3). In the same year, Britain announced that Huawei would be stripped of its role in the UK’s 5G network (4), with U.S. pressure playing a major role in the decision (5). U.S. and allies’ sanctions have caused issues elsewhere. In Russia, companies that manufacture military equipment experience bottlenecks when procuring semiconductors, companies have difficulty accessing 5G hardware domestically, and local cloud service providers face challenges in increasing their number of servers (6).

Although the U.S. is a leader in processor design, chip manufacturing expertise has been centralized in the far east, especially in Taiwan. This shift toward production in the far-east has been exacerbated by Intel’s - a U.S. company - recent troubles in shrinking their node size to compete with Taiwan Semiconductor Manufacturing Company (TSMC) (7). The Biden administration passed the U.S. Chips Act on August 9th, 2022 (8) to encourage processor manufacturing on American soil. TSMC completed the construction of its fabrication plant in Arizona, with production expected to start in 2024 (9). The bill and U.S. technology have led South Korean companies Samsung Electronics and SK Hynix to rethink their exposure to China (10).

Globally, countries and trade blocs are realizing the importance of domestic chip manufacturing due to the supply chain vulnerabilities highlighted by the pandemic. On February 8th, 2022, the European Union (EU) adopted the European Chips Acts to encourage investment and partnerships to increase the EU’s chip manufacturing capability (11). The British government (12) and the London stock exchange (LSE) (13) are both lobbying the UK-based chip designer Arm to float on the LSE to keep chip design expertise on British shores.

Malware and Key Infrastructure and Critical Vulnerabilities: Ransomware Groups Continue to Target Government and Critical Infrastructure

Ransomware incidents continue to target government organizations and private companies providing critical infrastructure. Recently, the following organizations have been targeted by a ransomware group:

• Cuba ransomware targeted the government of Montenegro (14)
• Quantum ransom targeted the Dominican Republic’s Ministry of Agriculture (15)
• Unknown ransomware targets a Chilean government agency (16)
• A French hospital (17) was targeted with ransomware
• BlackCat targeted Italy’s GSE (Electric Service) (18)

Organizations related to government and critical infrastructure are still major targets for ransomware groups due to the likelihood of payout. This trend has been occurring for the past couple of years; in 2021 ransomware was the number one attack vector on critical infrastructure (19). In 2021, 649 critical organizations belonging to a critical infrastructure sector were victims of a ransomware attack, with 14 out of 16 critical infrastructure sectors falling victim to ransom attacks (20).

New and Noteworthy: Tiktok Denies Breach of User Data

On September 3rd, on the Breach Forums message board, a user with the handle AgainstTheWest claimed to have stolen data from TikTok and WeChat. The user included a link to samples of the data as well as a video of database tables. According to the post, the group collected two billion records from the database and stole the internal backend source code of TikTok. TikTok stated that they investigated these claims and found no evidence of a security breach and the stolen code is “completely unrelated to TikTok’s backend source code” (21).

AgainstTheWest (ATW) is a western European hacktivist group that has allegedly targeted China and Russia since October 2021. They target countries they perceive to be a threat to western society with the aim of leaking sensitive data. ATW stated they plan to target North Korea, Belarus, and Iran in the future. They claim they do not use ransomware, that they will never target the West and they have received requests for data from contacts they believe to be involved with nation-state governments (22).

About EclecticIQ Threat Research

EclecticIQ is a global provider of threat intelligence, hunting, and response technology and services. Headquartered in Amsterdam, the EclecticIQ Threat Research team is made up of experts from Europe and the U.S. with decades of experience in cyber security and intelligence in industry and government.

We would love to hear from you. Please send us your feedback by emailing us at research@eclecticiq.com or fill in the EclecticIQ Audience Interest Survey to drive our research towards your priority area.

Structured Data

Find the Analyst Prompt and earlier editions in our public TAXII collection for easy use in your security stack.

TAXII v1 Discovery services: https://cti.eclecticiq.com/taxii/discovery

Please refer to our support page for guidance on how to access the feeds.

You might also be interested in:

Network Environment-Focused Conversations Needed in Approaches to Cyber Security

Emotet Downloader Document Uses Regsvr32 for Execution

AI Facial Recognition Used in Ukraine/Russia War Prone to Vulnerabilities

Appendix

1. https://www.ft.com/content/7005d5d2-b02f-4092-a35c-8b44889a5f90
2. https://www.reuters.com/technology/nvidia-says-us-has-imposed-new-license-requirement-future-exports-china-2022-08-31/
3. https://www.businessinsider.com/new-us-sanctions-to-slam-huawei-further-roil-tech-supply-2020-8
4. https://www.theguardian.com/technology/2020/jul/14/huawei-to-be-stripped-of-role-in-uk-5g-network-by-2027-dowden-confirms
5. https://www.theguardian.com/technology/2020/jul/18/pressure-from-trump-led-to-5g-ban-britain-tells-huawei
6. https://www.ft.com/content/caf2cd3c-1f42-4e4a-b24b-c0ed803a6245
7. https://www.spglobal.com/marketintelligence/en/news-insights/latest-news-headlines/intel-faces-years-of-struggle-if-it-wants-to-catch-surpass-rival-amd-62297105
8. https://www.whitehouse.gov/briefing-room/statements-releases/2022/08/09/fact-sheet-chips-and-science-act-will-lower-costs-create-jobs-strengthen-supply-chains-and-counter-china/
9. https://www.tomshardware.com/news/tsmc-fab-21-arizona
10. https://www.ft.com/content/0b997942-93bd-4a67-9784-928af2641738
11. https://ec.europa.eu/commission/presscorner/detail/en/statement_22_866
12. https://www.theguardian.com/business/2022/may/03/boris-johnson-uk-chip-designer-arm-list-london
13. https://www.bloomberg.com/news/articles/2022-07-21/lse-in-fight-for-arm-to-list-in-london-says-ceo-hoggett
14. https://www.reuters.com/world/europe/montenegro-blames-criminal-gang-cyber-attacks-government-2022-08-31/
15. https://hoy.com.do/hackers-atacan-el-iad-piden-unos-us600-mil-para-devolverle-datos/
16. https://www.csirt.gob.cl/noticias/alerta-de-seguridad-cibernetica-incidente-en-servicio-publico/
17. https://www.lemonde.fr/pixels/article/2022/08/22/un-hopital-de-l-essonne-victime-d-une-cyberattaque-son-activite-fortement-perturbee_6138677_4408996.html
18. https://www.reuters.com/technology/ransomware-group-blackcat-behind-italys-gse-hacking-researchers-say-2022-09-02/
19. https://www.csoonline.com/article/3651370/ransomware-is-top-attack-vector-on-critical-infrastructure.html
20. https://www.ic3.gov/Media/PDF/AnnualReport/2021_IC3Report.pdf
21. https://www.forbes.com/sites/daveywinder/2022/09/06/has-tiktok-us-been-hacked-and-2-billion-database-records-stolen/?sh=3b3c9a8d105d
22. https://cyberknow.medium.com/an-interview-with-againstthewest-b7aa1625fc4f