CyCraft Collaborates with Semiconductor Industry to Strengthen Supply Chain Security

Taipei, Taiwan — January 3, 2022 — CyCraft, a leading managed detection and response (MDR) provider based in Taiwan, joined hands with organizations in the semiconductor industry, cybersecurity firms, government agencies, and academia in promoting the newly formed Semiconductor Supply Chain Cybersecurity Alliance (半導體供應鏈資安聯盟) at SEMICON Taiwan 2021.

SEMI — the global industry association of international electronic equipment manufacturers — and Taiwan Semiconductor Manufacturing Company (TSMC) have been working hard on strengthening cybersecurity standards across the semiconductor supply chain and prioritizing four key areas: operating system specifications, network-related security, endpoint security, and continuous monitoring.

SEMI CMO and SEMI Taiwan President Terry Tsao (曹世綸) stated his increasing concerns regarding cybersecurity in the semiconductor industry as more and more professional and state-sponsored (and state-ignored) hacker groups are targeting the high-tech manufacturing and semiconductor industries. Taiwan is a critical link in the global semiconductor supply chain as Taiwan companies supply roughly 63% of the global semiconductor market share and over 80 percent of advanced 5nm chip production. During this current global shift towards digitalization in all industries, manufacturers face numerous risks and challenges.

“These challenges are present due to industry constraints — not just tech limitations. One of the biggest security issues in manufacturing is integrating modern AI-driven solutions, like ours, into legacy hardware and software. This presents unique challenges. Hardware diversity and high availability are some of the main concerns of ICS. PLCs don’t offer the same computing environments as full operating systems, leading to different approaches to security than we see in office IT environments; upgrading every OS patch could cost companies millions of dollars in downtime — which isn’t an option given the industry’s competitive environment. This leads to legacy solutions, even those way past their end-of-life date, still being in use; hackers, who continue to find bugs and develop new techniques, can thrive in this terrain, so it’s paramount that we work with organizations like SEMI to find the best middle ground to better achieve security goals for the industry.”
— Chad Duffy, CyCraft Global Product Manager

Call to Action

In the last few years, the Taiwan semiconductor supply chain has been heavily impacted by cyberattacks. In 2017, several semiconductor manufacturers (as well as other industries worldwide) were hit by WannaCry ransomware. TSMC immediately began scanning its entire network for any signs of breach. In August 2018, TSMC reported that “a supplier installed tainted software without a virus scan.” The malware rapidly spread to multiple endpoints in some of TSMC’s more advanced facilities. TSMC had to shut down several of its chip fabrication factories over a weekend for remediation. This led to a severe impact on the global supply chain and raised significant concerns in the industry.

The Semiconductor Supply Chain Security Alliance (半導體供應鏈資安聯盟), established by SEMI Taiwan, has been working with Taiwan companies and factories to formulate effective semiconductor cybersecurity standards to ensure severe incidents, such as the 2018 incident, do not happen again.

TSMC Head of Corporate Information Security and Chairman of SEMI Taiwan Cybersecurity Committee Dr. James Tu (屠震) stated that the issue of cybersecurity is an issue of national security; enterprises should not only take responsibility for their own cybersecurity but also assist both upstream and downstream partners in strengthening the overall security of the entire supply chain.

Action Taken

At SEMICON Taiwan 2021, SEMI CMO and SEMI Taiwan President Terry Tsao (曹世綸) announced that January 2022 would see the launch of the new semiconductor cybersecurity standard officially regarded as SEMI E187-Specifications for Cybersecurity of Fab Equipment. This new standard covers four major areas:

  • Operating System Specifications: All equipment and hardware need to use either a current (non-legacy and non-deprecated) OS or a long-term supported OS with security updates and tools for maintenance.
  • Network-Related Security: IT personnel must be able to close unused services and monitor the use and management of high-risk TCP/UDP ports, and must be provided with configuration and setting-related instructions for all equipment and hardware.
  • Endpoint Security: While detection and response capabilities are preferred, all devices need self-protection mechanisms, such as anti-virus, application allowlists, and vulnerability scanning.
  • Continuous Monitoring: All hardware must be able to support access control and provide functionality for continuous cybersecurity monitoring.

With the discovery of several critical-level vulnerabilities, 2021 proved to be a challenging year for the cybersecurity industry. Securing only your own organization is no longer enough, as modern supply chain attacks have proven to have unprecedented blast radii.

The SEMI E187 security standard has been years in the making and signals the first of many significant steps towards increasing the overall cyber resilience of the entire global semiconductor supply chain.

About CyCraft

CyCraft is a cybersecurity company founded in 2017, focusing on autonomous AI technology. Headquartered in Taiwan, it has subsidiaries in Japan and Singapore. CyCraft provides professional cybersecurity services to government agencies, police and defense forces, banks, and high-tech manufacturers throughout the Asia-Pacific region. It has received strong backing from the CID Group and Pavilion Capital, a Temasek Holdings Private Limited subsidiary.
