Chinese state-backed hackers have pillaged Taiwan’s semiconductor industry, according to reports. The hack once again shows that cyber warfare is likely to be the primary battleground between nations in the future.
This is not the first instance of state-sponsored hacking in recent years, but it stands as a crucial development in the ongoing “tech war” between the United States and China.
With the rise of cyber conflict, data has become a hotly contested resource with potential national security implications.
Cyber warriors
The intrusion of Chinese hackers into the Taiwanese semiconductor industry was revealed in a recent report by the cybersecurity firm CyCraft Technology Corporation. The Taipei-based firm released details this year of a hacking campaign targeting seven Taiwanese semiconductor firms over the space of two years.
The researchers also stated that the perpetrators – the hacking group known as “Chimera” – have ties to the Chinese state-backed hacking group Winnti.
This has raised concerns that the recent attack was a state-orchestrated attempt against a regional rival, Taiwan, and also an attempt to subvert recent US sanctions as part of a growing trade and tech war.
Using a “skeleton key injector” technique, the hackers were able to slowly gain access and control of company systems and files, managing to steal significant amounts of intellectual property in the process.
The stolen material included crucial materials in the research and development process for semiconductor technology, such as source code and chip designs.
Semiconductors, also known as chips, are small conductors of electricity found in millions of electronic devices. Taiwanese companies, such as the Taiwan Semiconductor Manufacturing Company, have long been dominant in this field, investing huge amounts of money to research and develop new semiconductor technology for use in millions of devices worldwide.
The intrusion by Chinese hackers comes as Chinese companies are buckling under the technological sanctions placed on them by the US. The Chinese tech giant Huawei, for example, recently announced that it was running out of processor chips because of US sanctions, which prevented American – and Taiwanese – companies from doing business with Chinese partners for these crucial technologies.
According to CyCraft’s Chung-Kuan Chen, the hackers’ intrusion “fundamentally damages a corporation’s entire ability to do business” and was likely “a strategic attack on the entire industry.”
Given China’s traditional reliance on Taiwan for semiconductor technology and the recent escalation of the US-China “tech war,” the recent intrusions were likely conceived as “a way to cripple a part of Taiwan’s economy, to hurt their long-term viability,” according to CyCraft’s Chad Duffy.
But this recent intrusion was not the first made by state-sponsored hackers in recent times and likely stands as a sign of things to come.
Data wars
The intrusion into Taiwan’s semiconductor industry comes as cyber warfare has proliferated across the globe, with Chinese actors often leading the way.
During the height of the coronavirus pandemic, reports emerged that one Chinese hacking group targeted and compromised the services of a social care provider in the United Kingdom.
In July, US government officials indicted two alleged Chinese-backed hackers for a cyberattack campaign that spanned a decade and targeted companies across the world.
Commenting on the indictment, US Assistant Attorney General for National Security John C. Demers stated, “China has now taken its place … in that shameful club of nations that provide a safe haven for cyber criminals in exchange for those criminals being ‘on call’ to work for the benefit of the state.”
The connections between individual hacking groups and the Chinese state have also been exposed on a number of occasions. In 2018, the US and UK governments publicly named the hacking group APT10 as “Stone Panda” and charged them with stealing hundreds of gigabytes worth of sensitive data.
The US and UK also alleged that the hackers were connected to an arm of the Ministry of State Security (MSS) – China’s intelligence agency – based in the Tianjin province and that the hackers “worked in an office environment and typically engaged in hacking operations during working hours in China” and were backed by the MSS.
These state connections come at a time when data has become a critical geopolitical issue.
Recent sanctions imposed by the US on Chinese-based companies, such as Huawei and ByteDance, were founded on national security concerns on the usage and exploitation of American’s data.
Cyberspace, the world inhabited by states and individuals and the data they produce and collect, is fast shaping up to become a critical battleground of the future.
The future battleground
Chinese-based hackers have not been alone in recognizing the potential that exists with targeted hacking campaigns against specific industries and companies.
Russia has long been an active sponsor and employer of hacking groups for geopolitical and strategic goals.
Amid a dispute with neighboring Estonia in 2007, Russian hackers, with alleged state-backing, coordinated an unprecedented mass campaign of cyberattacks against the small Baltic country, which saw government websites, banking services and communications brought down and made unavailable.
Likewise, during the conflict with Ukraine in 2014, according to reports made by CrowdStrike, the Russian hacker group “Fancy Bear” injected malware that allegedly disabled targeting data for the Ukranian army’s artillery weapons systems, rendering the affected weapons inoperable.
As recently as the COVID-19 pandemic, Russian hackers have also targeted Western institutions and governments, notably for access to COVID-19 vaccine research.
One group known as APT29, which was “almost certainly” a part of the Kremlin’s intelligence services according to the UK’s National Cyber Security Centre, targeted drug companies and research groups in order to steal valuable research data.
As the recent pillaging of Taiwan’s semiconductor industry has illustrated, hacking groups can act at the behest of – or, at the very least, for the benefit of – states in their efforts to combat geopolitical threats and rivals.
If current patterns hold, cyberspace and data may quickly become the battlegrounds and resources of geopolitical tensions in the future.
Have a tip or story? Get in touch with our reporters at [email protected]