Malicious cyber activity mounting against semiconductor sector

Eight semiconductor firms have been compromised by malicious cyber activity so far this year amid increased concerns regarding semiconductor supplies in various countries, including the U.S., according to The Record, a news site by cybersecurity firm Recorded Future. The Cuba, LockBit, and LV ransomware gangs were behind five of the cyber incidents against the semiconductor industry, while three were attributed to the Lapsus$ and RansomHouse extortion groups, a report from Recorded Future showed. Even though none of the semiconductor industry-targeted cyberattacks were directly associated with nation-state actors, state-sponsored operations have been discovered to impersonate ransomware groups, while other nation-state actors may already be collaborating with ransomware-as-a-service operators, researchers said. "As the competition for semiconductor supremacy is at the heart of the economic competition between China and Taiwan, we believe it is likely that cyberattacks and industrial espionage against semiconductor companies will continue," noted researchers, who also urged for the inclusion of semiconductor firms to the Cybersecurity and Infrastructure Security Agency's critical infrastructure sector list.