Daily Drop (687): JP: Chip making, CISA: Passwords, CN: Malaysia Chips, QakBot, UK: Foreign Tech, RISC-V, CN: Bankruptcies, Kyivstar Network, Tanzania: SAT, CN: INDO-PAC SAT, Sift: Advanced Telemetry
12-18-23
Monday, Dec 18 2023 // ShadowNews
Japanese Chipmakers Continue Engagement in China Despite New U.S. and Japanese Restrictions
Bottom Line Up Front (BLUF): Despite restrictions imposed by the U.S. and Japan on the sale of high-end chipmaking equipment to China, Japanese companies like Tokyo Electron and Kokusai Electric Corp. are experiencing increased demand from China for less advanced chipmaking machinery. These developments reflect a shift in market dynamics, where Chinese demand for legacy chip technology remains robust, challenging the effectiveness of geopolitical strategies aimed at limiting China's access to cutting-edge semiconductor technology.
Analyst Comments: The situation demonstrates the complex interplay between global technology markets and international politics. While the U.S., Japan, and other allies strive to curb China's access to advanced semiconductor technology, the persistent demand for less sophisticated chipmaking equipment in China highlights the challenges in enforcing these controls. This dynamic also underscores China's strategic pivot towards legacy semiconductor technology, which still plays a crucial role in numerous applications. Moreover, the ability of companies like Huawei to potentially utilize older equipment for advanced chip production poses new challenges for U.S. policymakers, who may need to reevaluate their export control strategies.
FROM THE MEDIA: Tokyo Electron reported a significant increase in sales from China, with 43% of its last quarter's sales coming from the country, up from 24% a year ago. Similarly, Kokusai Electric Corp. is expanding its presence in China, expecting nearly half of its revenue to come from the country. This growth is driven by investments across various chip categories at 28-nanometers and larger. Despite Japan lagging behind Taiwan and South Korea in chip manufacturing, it remains a key player in the machinery market for chip production. Earlier in the year, Japan and the Netherlands agreed to join the U.S. in limiting sales of advanced chipmaking equipment to China. However, the recent developments suggest a nuanced market response, with significant demand for less advanced semiconductor technologies in China. The case of Huawei's advanced chip in its new 5G phone using older equipment has sparked further discussions in the U.S. about expanding export controls.
READ THE STORY: Fortune
CISA Calls for Elimination of Default Passwords Amid Cybersecurity Threats
Bottom Line Up Front (BLUF): The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to manufacturers to remove default passwords from internet-connected devices. This follows recent cyber attacks exploiting these vulnerabilities, notably by Iranian threat actors targeting critical infrastructure in the U.S. using easily accessible default passwords.
Analyst Comments: CISA's alert underscores a growing concern in cybersecurity: the ease with which threat actors can exploit basic security oversights, such as default passwords. The use of default passwords, a common practice for convenience in many internet-connected devices, presents a significant security risk. The highlighted attacks by Iranian-affiliated groups demonstrate a broader trend of state-sponsored cyber activities focusing on critical infrastructure. This call to action by CISA aligns with increasing efforts globally to bolster cybersecurity defenses, especially in sectors essential to national security. It reflects an evolving landscape where cybersecurity is no longer an afterthought but a primary consideration in the design and deployment of technology.
FROM THE MEDIA: CISA's alert follows the exploitation of operational technology devices by IRGC-affiliated Iranian threat actors, who used default passwords to infiltrate critical U.S. systems. These passwords are often publicly documented, enabling easy access for cyber adversaries. The Iranian actors, operating under the guise of Cyber Av3ngers, targeted Israeli-made Unitronics Vision Series PLCs using widely known default passwords. As preventive measures, manufacturers are encouraged to adopt secure by design principles, offer unique setup passwords, and mandate multi-factor authentication. The advisory comes amidst the backdrop of cyber attacks in Israel by a Lebanese group linked to the Iranian Ministry of Intelligence, signaling a broader regional cyber conflict.
READ THE STORY: THN
Chinese Firms Turn to Malaysia for High-End Chip Assembly Amid U.S. Sanctions
Bottom Line Up Front (BLUF): Chinese semiconductor design firms are increasingly collaborating with Malaysian companies for the assembly of high-end chips, such as GPUs, in response to potential U.S. sanctions expansion. This strategic move, involving only the assembly and not the fabrication of chip wafers, aims to hedge risks against tightening U.S. export controls. The development highlights the evolving landscape of the global semiconductor industry amidst heightened geopolitical tensions.
Analyst Comments: This shift by Chinese firms to Malaysia for chip assembly represents a significant adaptation to the complex geopolitical climate affecting the semiconductor industry. By focusing on assembly processes in Malaysia, Chinese companies are navigating around the direct impact of U.S. sanctions while maintaining their position in the high-end chip market. This tactic not only mitigates risks from potential future sanctions but also leverages Malaysia's established role in the global semiconductor supply chain. The move could also facilitate easier access to non-Chinese markets for these companies.
FROM THE MEDIA: Chinese semiconductor design companies, facing challenges from U.S. sanctions, particularly on high-end GPUs, are seeking Malaysian partners for chip assembly. This approach doesn't violate current U.S. restrictions and revolves around advanced chip packaging, a crucial and emerging semiconductor technology. Although this activity doesn't fall under U.S. export restrictions, concerns exist that it could be targeted in the future. Malaysia, a key player in semiconductor packaging and assembly, is seen as an attractive destination for these Chinese firms due to its favorable relations with China, skilled workforce, and sophisticated technology. Unisem and other Malaysian firms have reportedly seen increased business from Chinese clients. Additionally, companies like Germany's Infineon and U.S.-based Intel are investing heavily in Malaysia's semiconductor sector, highlighting the country's strategic importance.
READ THE STORY: Reuters
Resurgence of QakBot Malware Targets Hospitality Industry with Sophisticated Phishing Campaign
Bottom Line Up Front (BLUF): Microsoft has identified a new phishing campaign distributing QakBot malware, primarily targeting the hospitality industry. This resurgence comes three months after a successful law enforcement operation, dubbed Operation Duck Hunt, dismantled its infrastructure. The campaign uses PDFs, masquerading as IRS communications, to distribute a digitally signed Windows Installer that invokes QakBot. The malware, known for harvesting sensitive information and delivering additional malware, demonstrates the enduring threat of sophisticated cyber attacks in the industry.
Analyst Comments: The comeback of QakBot, similar to the revival of Emotet malware, highlights the persistent nature of cyber threats, even after successful law enforcement interventions. QakBot’s sophisticated attack vectors, such as leveraging digitally signed installers and masquerading as legitimate entities, reflect an evolving landscape where cybercriminals continuously refine their tactics. For the hospitality industry, already reeling from various cybersecurity challenges, this resurgence underscores the need for heightened vigilance, robust security measures, and continuous monitoring to combat these advanced threats. The pattern of resurgence also suggests a need for sustained international cooperation and intelligence-sharing to effectively disrupt such cybercrime networks.
FROM THE MEDIA: The new QakBot campaign, discovered by Microsoft, involves a low-volume but highly targeted phishing approach that began on December 11, 2023. It uses PDFs containing URLs that lead to a Windows Installer, which then deploys the QakBot malware. This variant, version 0x500, indicates an evolution since the malware's infrastructure disruption. Historically, QakBot has been distributed through spam emails with malicious attachments or links, capable of extracting sensitive data and introducing further malware threats, including ransomware. The resurgence of QakBot post-Operation Duck Hunt, a coordinated effort to neutralize its command-and-control network, mirrors the pattern seen with Emotet, highlighting the resilience and adaptability of these malware botnets.
READ THE STORY: THN
UK's National Security Linked to Tech and Manufacturing Investment Amidst Hostile Global Relations
Bottom Line Up Front (BLUF): A report warns that the UK's reliance on nations like China and Russia for tech and manufacturing could compromise national security. To counter modern threats, the report, backed by Labour Together, emphasizes the need for the UK to develop strength in sectors like clean energy, digital technology, and advanced manufacturing. The strategy aims to reduce dependency on hostile countries and foster resilience against global economic and security challenges.
Analyst Comments: This report underscores the evolving nature of national security in the digital age, where economic and technological dependencies intertwine with geopolitical interests. The emphasis on 'industrial strength' in key areas like clean energy and advanced manufacturing reflects a strategic pivot towards self-reliance and resilience in a world where global supply chains can be weaponized. The notion of 'securonomics', as discussed by Shadow Chancellor Rachel Reeves, encapsulates this shift towards integrating security considerations into economic policies. The UK's involvement in partnerships like AUKUS and recent legislative measures like the National Security and Investment Act further indicate a concerted effort to safeguard critical domestic industries from foreign influence and ensure economic security.
FROM THE MEDIA: The report by Labour Together, written by ex-Foreign Office official Hamish Falconer, highlights the risks of 'weaponized interdependence', where countries central to global manufacturing and energy, like China and Russia, could exploit economic ties. It advocates for collaboration with allies in developing technologies such as quantum computing, drones, and satellites, pointing to the AUKUS deal as a model. The report also recommends the establishment of public bodies to drive investment in sectors like robotics and satellite manufacturing. It draws on recent global crises, including the COVID-19 pandemic and the Russia-Ukraine conflict, to illustrate the interconnectedness of economic security and national resilience. The focus is on building domestic capabilities in strategically important industries, echoing calls for 'securonomics' and greater domestic ownership in critical sectors.
READ THE STORY: iNews
MongoDB Faces Security Breach, Customer Data Exposed
Bottom Line Up Front (BLUF): MongoDB, an American database software company, experienced a security breach resulting in unauthorized access to corporate systems and the exposure of customer account metadata and contact information. Detected on December 13, 2023, the company is actively investigating the incident and has advised customers to enhance security measures.
Analyst Comments: MongoDB's breach underscores the persistent threat landscape in the digital domain, especially for data-centric companies. The breach's impact, focusing on customer metadata and contact information, raises concerns about potential phishing and social engineering attacks targeting MongoDB's customers. The incident also highlights the importance of robust cybersecurity measures, including phishing-resistant multi-factor authentication (MFA) and regular password updates. MongoDB's proactive response in terms of incident response activation and customer advisories is commendable, yet the event serves as a reminder of the critical need for continuous vigilance and advanced security protocols in protecting sensitive data.
FROM THE MEDIA: The breach involved unauthorized access to MongoDB's corporate systems, with the initial detection of abnormal activities on December 13, 2023. MongoDB emphasized that there has been no known exposure of data stored in MongoDB Atlas, its database service. The company is experiencing elevated login attempts, causing difficulties for customers accessing Atlas and the Support Portal, although this is reportedly unrelated to the breach. MongoDB has recommended customers be vigilant against social engineering and phishing attacks, enforce phishing-resistant MFA, and change their Atlas passwords.
READ THE STORY: THN
Global Spike in Corporate Bankruptcies as Pandemic Aid Ends and Interest Rates Rise
Bottom Line Up Front (BLUF): Corporate bankruptcies are surging at alarming rates in many advanced economies, driven by the combination of rising borrowing costs and the withdrawal of pandemic-era government support. This trend marks a significant shift from the previous decade's declining bankruptcy rates and poses challenges for global economic activity and employment.
Analyst Comments: The surge in bankruptcies signifies a critical phase in the global economic landscape, transitioning from the unprecedented support during the pandemic to a more challenging environment marked by higher interest rates and reduced government aid. This shift particularly impacts 'zombie' companies that were propped up by pandemic-era measures. The sectors most affected include transportation, hospitality, and potentially real estate and construction due to their sensitivity to interest rate changes. However, the impact might be mitigated to an extent by the cash reserves businesses built up during periods of low interest rates and ongoing economic growth in major economies.
FROM THE MEDIA: In the U.S., corporate bankruptcies increased by 30% year-on-year as of September, with Germany seeing a 25% rise in the same period. Across the EU, insolvencies are at their highest in eight years. Factors contributing to this trend include higher debt servicing costs, the end of pandemic support, and soaring energy bills. Despite these challenges, analysts note that bankruptcy numbers remain modest by historical standards in major economies like the US, Germany, and France. The current economic landscape, characterized by continued growth and low unemployment rates, may prevent a tsunami of insolvencies.
READ THE STORY: FT
Kyivstar Network Recovers from Major Cyberattack Amidst Ukraine-Russia Conflict
Bottom Line Up Front (BLUF): Ukrainian telecommunications company Kyivstar has successfully restored its mobile internet and international roaming services following a significant cyberattack. The attack, which is considered the largest in Ukraine since the Russian invasion, had disrupted services for millions of subscribers and impacted the country's IT infrastructure. Full recovery of all services may still take several weeks, and the company is advising customers on steps to reconnect to the network.
Analyst Comments: The cyberattack on Kyivstar underscores the ongoing cyber warfare aspects of the Ukraine-Russia conflict. Such attacks on critical infrastructure like telecommunications not only disrupt daily life but also have broader implications for national security and emergency response systems. The rapid restoration of services by Kyivstar demonstrates the resilience and preparedness of the company's cybersecurity measures, which are crucial in conflict zones. However, the incident highlights the vulnerability of civilian infrastructure to cyberattacks in modern warfare and the need for robust, continuous improvements in cybersecurity strategies.
FROM THE MEDIA: The attack on Kyivstar resulted in a complete outage of services for 24.3 million mobile subscribers and over 1.1 million home internet users. While voice services and fixed-broadband connectivity were restored within two days, full restoration of the network, including all voice, SMS, and mobile data services, may take several weeks. Kyivstar, a subsidiary of Veon, is taking a gradual approach to service restoration to prevent network congestion and stabilize operations. The company has also addressed concerns regarding personal data safety, stating that customer data remains secure. The incident is currently under investigation, with a criminal investigation opened by Ukraine's Security Service. The cyber group Solntsepek claimed responsibility for the attack, although this claim is yet to be verified. Cybersecurity experts believe that the attack could be attributed to Sandworm, a group linked to Russia's GRU military intelligence agency.
READ THE STORY: Developing Telecoms
Tanzania Secures Orbital Slot for First Satellite Launch
Bottom Line Up Front (BLUF): Tanzania has marked a significant advancement in its space exploration endeavors by securing an orbital slot at 16 degrees West for its inaugural satellite launch. This development, announced at the 2023 World Radiocommunication Conference, is part of the country's broader commitment to leveraging space technology for economic growth and development across various sectors.
Analyst Comments: Tanzania's move to secure an orbital slot for its first satellite launch represents a crucial step in the nation's space technology ambitions. It reflects a growing trend among African countries to invest in space technologies, recognizing their potential in enhancing capabilities in communication, agriculture, disaster management, and more. The involvement of figures like Professor Sospeter Muhongo and the endorsement by Minister Nape Nnauye underscores the government's commitment to this venture. This initiative aligns with President Samia Suluhu's vision for Tanzania's technological progression and follows the footsteps of other African nations that have ventured into space, such as Egypt, South Africa, and Nigeria. The satellite's expected functions, ranging from environmental monitoring to connectivity enhancement, signal Tanzania's strategic focus on space technology as a tool for national development.
FROM THE MEDIA: The announcement of Tanzania's orbital slot acquisition for its first satellite is a milestone in the country's space technology journey. Professor Sospeter Muhongo highlighted the economic benefits of space technologies, a sentiment echoed by other African nations that have launched satellites. Tanzania's planned satellite aims to offer services in environmental monitoring, weather tracking, surveillance, and connectivity improvement. This move positions Tanzania alongside other African countries with space capabilities, such as Egypt, South Africa, Algeria, Nigeria, and Morocco.
READ THE STORY: SATPRO
China Launches Top-Secret Military Spy Satellite Targeting Indo-Pacific Region
Bottom Line Up Front (BLUF): China has reportedly launched a top-secret military spy satellite, aimed at continuously monitoring the Indo-Pacific region. The launch, carried out in a highly secretive manner with minimal public disclosure, involved a modified version of China's largest rocket, the Long March 5 launcher. This development heightens the strategic significance of the Indo-Pacific region in the ongoing geopolitical tensions, particularly between China and the United States.
Analyst Comments: The secretive nature of China's latest satellite launch, believed to be a military spy satellite, underscores the escalating strategic competition, especially in the realm of space-based surveillance and intelligence. The satellite, speculated to be placed in geosynchronous orbit, is positioned to provide constant surveillance over a vast portion of the Earth, particularly focusing on the Indo-Pacific region. This move is in line with China's expanding space capabilities and its interest in enhancing military and intelligence gathering capabilities in a region that is increasingly becoming a focal point of global geopolitical rivalry. The satellite's continuous monitoring ability, coupled with the growing number of Chinese spy satellites, represents a significant enhancement in China's reconnaissance and surveillance capabilities, which could alter the balance of power in the region and raise security concerns among neighboring countries and the U.S.
FROM THE MEDIA: China's launch of the Yaogan-41 satellite aboard a modified Long March 5 rocket, which now stands as the tallest rocket ever launched by China, adds to its fleet of Earth-imaging satellites. While the Chinese government claims Yaogan-41 is for civilian purposes like land surveys and agricultural monitoring, the level of secrecy surrounding the launch and historical usage of the Yaogan series for military objectives suggest otherwise. The Yaogan-41's potential geosynchronous orbit could enable it to provide continuous surveillance over strategic locations, including China, Taiwan, and surrounding areas.
READ THE STORY: Firstpost
SpaceX Veterans' Startup Sift Raises $7.5M for Advancing Telemetry Solutions
Bottom Line Up Front (BLUF): Sift, a startup founded by former SpaceX software engineers, has successfully raised $7.5 million to further develop its innovative telemetry stack. This technology, designed to revolutionize the recording, visualization, and interpretation of machine data, is particularly aimed at customers managing large satellite constellations. Sift's approach, leveraging the space engineering expertise of its founders, aims to minimize human error in telemetry and enhance machine performance transparency.
Analyst Comments: The emergence of Sift, with its substantial funding, reflects the growing importance of advanced telemetry in the aerospace and related sectors. Founded by experienced SpaceX engineers, Sift's mission to improve the way machine data is handled is a crucial advancement for industries relying heavily on precise data management, like satellite operations. The company's telemetry stack promises to offer a more intuitive and automated way to handle large volumes of data, potentially reducing errors and increasing efficiency in satellite constellation management. This technology could have far-reaching implications, not only in space operations but also in various other sectors such as aviation, defense, and transportation, where data accuracy and interpretation are critical.
FROM THE MEDIA: Sift's founders, Karthik Gollapudi and Austin Spiegel, both of whom have substantial experience in leading high-profile projects at SpaceX, identified a significant gap in current telemetry tools, which can lead to costly errors in data interpretation. Their solution, an end-to-end telemetry stack, is designed to allow engineering teams to scale their data infrastructure more effectively, automate operations, and improve data review processes. This approach is analogous to a sieve used by prospectors, enabling engineers to efficiently find and interpret critical data. Sift's technology is already in use by innovative teams in aerospace, aviation, defense, energy, and transportation. With the backing of hardware investor Riot Ventures and enterprise SaaS expert Fika Ventures, Sift is well-positioned to make a significant impact on how machine data is managed in various industries.
READ THE STORY: Geospatial World
Items of interest
China's Strategic Focus on RISC-V Technology for Semiconductor Industry Dominance
Bottom Line Up Front (BLUF): China, through DAMO Academy, an Alibaba research division, has unveiled three groundbreaking processors based on the open-source RISC-V architecture. This move is a strategic attempt by China to reduce its dependency on Western technology, particularly in the semiconductor industry. The launch of the Xuantie series processors is part of China's broader ambition for technological autonomy and aligns with its efforts to avoid vulnerable dependencies on foreign technology.
Analyst Comments: China's venture into developing RISC-V technology represents a significant shift in the global semiconductor landscape. The launch of the Xuantie processors by DAMO Academy reflects China's push to develop an independent and self-reliant technological infrastructure. This strategic focus is driven by China's desire to mitigate risks associated with reliance on foreign technology, which has been a point of vulnerability in the face of international geopolitical tensions. The emphasis on RISC-V, an open-source architecture, indicates China's aim to set new standards in the semiconductor industry and challenge the long-standing dominance of proprietary ISAs like ARM and Intel’s x86. This development also highlights China's potential to shape future innovations and trends in technology, leveraging its vast market and skilled workforce. However, the growing influence of Chinese entities in the RISC-V International Foundation raises questions about the geopolitical implications of this technological shift, particularly concerning the balance of power in global tech innovation and security.
FROM THE MEDIA: The DAMO Academy's processors – Xuantie C920, Xuantie C907, and Xuantie R910 – are set to advance the application of RISC-V technology in various sectors, including AI and autonomous vehicles. The Chinese government's rapid and coordinated investment in RISC-V reflects a strategic approach to overcome technological constraints imposed by other countries, particularly the United States. This push for RISC-V is part of China's wider ambition for technological self-sufficiency, as evidenced by the significant role of Chinese entities in the RISC-V Foundation and numerous policy initiatives at both the central and local levels. Concerns about dependency on American technology and vulnerabilities in supply chains have further driven China's focus on RISC-V development. Western governments, particularly the United States, are starting to take notice of this shift and are assessing potential risks to national security.
READ THE STORY: The Jamestown Foundation
Dr. Ian Cutress Explains The Hype Around RISC-V (Video)
FROM THE MEDIA: RISC-V, the open-source instruction set architecture (ISA), has witnessed significant adoption and technical advancements in 2023. Major technological companies and startups are embracing RISC-V for its flexibility and innovation potential in various sectors including automotive, AI/ML, data centers, and IoT.
Explaining RISC-V: An x86 & ARM Alternative (Video)
FROM THE MEDIA: RISC-V is an alternative microprocessor technology to x86 and ARM, with its instruction set architecture (ISA) being open rather than closed. This video explains what RISC-V is all about, including its origins, key market players, hardware, applications, intellectual property (IP), and the likely role of global politics and international trade barriers in determining RISC-V’s success.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.