Today, electronic devices are the backbone of our world and semiconductor chips are the brains inside the devices that run our lives — from our phones to vehicles to the energy grids. However, these critical devices cannot run properly unless the chips are free of weakness and security vulnerabilities. And that is becoming an increasingly precarious situation.
While we tend to think of software when we think of cybersecurity risks, the chips that power our world are also vulnerable to cyberattacks. For example, insecure internal interfaces are exposed to system-level exploits such as BleedingBit, where malicious advertising packets (BLE broadcast messages) overwhelm the firmware stack, allowing attackers to take control of the chip.
There are many aspects of security that need to be enforced at the hardware level. For example, each module must be secured, but it can’t be done in isolation. There is a need for a trusted security handshake between multiple modules.
Here are some of the latest reports from the industry on the current cybersecurity issues impacting the semiconductor industry.
Cyberattacks on hardware often exploit vulnerabilities that went undetected during the semiconductor design process, or arrive by way of firmware. They can occur at several phases of the product life cycle and result in chip malfunction, denial of service, and breaches of sensitive information. In fact, a carefully crafted hardware vulnerability can go undetected because of the complexity of ICs and microelectronics.
Hardware attacks fall into two classes: active attacks, such as fault injection (which cause IC malfunction and catastrophic system failures), and passive attacks, such as side-channel analysis (which leak information, such as a secret cipher key).
Examples of these attacks include Spectre and Meltdown, which exploit critical vulnerabilities in modern processors. Meltdown is a hardware vulnerability affecting Intel x86 microprocessors, IBM POWER processors, and some ARM-based microprocessors. It allows a rogue process to read all privileged memory through a side channel or an indirect attack. Spectre allows an attacker to trick error-free programs into leaking their secrets.
Root of trust required
One segment of the semiconductor industry is at particular risk — the Internet of Things. “While hackers can infect a computer or even a system of computers with malware, the connections are broader, deeper and less well-managed in the IoT-powered world,” according to Semiengineering.com.
IoT is poised to revolutionize the world, but can’t realize its full potential until stronger security measures are in place — from device manufacturing to end-of-life decommissioning. One solution is a silicon-based hardware root of trust that offers a range of robust security options for IoT devices. In fact, many IoT security-on-chip manufacturers are already implementing mechanisms that provide a hardware-based root of trust.
A hardware root of trust can be established in various ways. The simplest process is to run start-up code directly from a non-writable location in the processor’s memory map. Another approach, which allows updates and more flexibility, is to load the code from a protected memory region into a protected memory store set aside for firmware execution. When it starts, the root of trust derives its internal keys from supplied device identity inputs and executes self-tests and code validation for itself. If these tests pass, it can move on to validate the first piece of code in the chain of trust.
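The start-up sequence just described, as a small Python simulation added here (it is not code from the article or from any vendor's root of trust): the root of trust runs a known-answer self-test of its hash primitive, validates its own code against a digest held in non-writable memory, derives an internal key from device identity inputs, and only then validates the first image in the chain of trust before transferring control. The device serial, device secret, ROM image and bootloader image are all constructed placeholders, and image authentication uses HMAC-SHA256 so the example stays within the standard library; a production root of trust would normally verify a public-key signature so that the device holds no signing secret.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed stand-ins for values fused into the silicon at manufacture (not from the article).
DEVICE_SERIAL = b"SN-EXAMPLE-0001"
DEVICE_SECRET = bytes(range(32))  # placeholder for a per-device OTP/eFuse secret

# Known-answer test vector: SHA-256("abc") from FIPS 180-4.
KAT_INPUT = b"abc"
KAT_DIGEST = "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"


@dataclass(frozen=True)
class Image:
    name: str
    code: bytes
    tag: bytes  # authentication tag checked by the previous stage before control transfer


def digest_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def derive_key(secret: bytes, serial: bytes, label: bytes) -> bytes:
    # HMAC-based derivation of an internal key from the device identity inputs.
    return hmac.new(secret, label + b"\x00" + serial, hashlib.sha256).digest()


def sign_image(key: bytes, name: str, code: bytes) -> Image:
    # Provisioning-time step: bind the image name and code to a tag under the device key.
    tag = hmac.new(key, name.encode() + b"\x00" + code, hashlib.sha256).digest()
    return Image(name, code, tag)


def validate_image(key: bytes, image: Image) -> bool:
    # Recompute the tag and compare in constant time.
    expected = sign_image(key, image.name, image.code).tag
    return hmac.compare_digest(expected, image.tag)


def self_test() -> bool:
    # Refuse to boot if the hash primitive the whole chain relies on is broken.
    return digest_hex(KAT_INPUT) == KAT_DIGEST


def secure_boot(rom_code, rom_digest, next_stage, serial=DEVICE_SERIAL, secret=DEVICE_SECRET):
    """Simulate the root-of-trust start-up sequence.

    Returns (booted, log). The chain halts at the first failed step, and the
    device key is derived only after the root of trust has validated itself.
    """
    log = []
    if not self_test():
        log.append("self-test FAILED")
        return False, log
    log.append("self-test ok")

    # Validate the RoT's own code against a digest held in non-writable memory.
    if not hmac.compare_digest(digest_hex(rom_code), rom_digest):
        log.append("ROM code validation FAILED")
        return False, log
    log.append("ROM code validated")

    key = derive_key(secret, serial, b"image-auth")
    if not validate_image(key, next_stage):
        log.append(f"{next_stage.name} validation FAILED")
        return False, log
    log.append(f"{next_stage.name} validated; transferring control")
    return True, log


if __name__ == "__main__":
    rom = b"rot-stage-0-code"          # constructed ROM image
    rom_digest = digest_hex(rom)       # the value that would be baked into immutable memory
    key = derive_key(DEVICE_SECRET, DEVICE_SERIAL, b"image-auth")
    genuine = sign_image(key, "bootloader", b"stage-1-bootloader-code")
    tampered = Image(genuine.name, genuine.code + b"\x90", genuine.tag)
    for image in (genuine, tampered):
        booted, log = secure_boot(rom, rom_digest, image)
        print(f"{image.name} ({'genuine' if image is genuine else 'tampered'}): booted={booted}")
        for line in log:
            print("  ", line)
```

Because the key is derived from the device serial, an image provisioned for one device fails validation on another, which is the property that lets a root of trust tie firmware to a specific part; the log shows exactly which link of the chain refused to proceed, which is the evidence a defender wants when a device fails to boot in the field.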
In geopolitical crosshairs
Taiwan-based TSMC is the world’s largest chip manufacturer. Huawei was one of its largest customers until sanctions were imposed by the U.S. Because TSMC retains U.S. intellectual property, the U.S. was able to prohibit it from trading with certain (Chinese) companies to prevent inadvertent data sharing.
While a Chinese invasion of Taiwan is considered unlikely, there is a looming threat that is very real: the prospect that China will use cyber tactics in gray-zone warfare against the island nation. In fact, Taiwan claims that it has suffered a string of cyberattacks from the mainland since at least 2018. According to its Ministry of Foreign Affairs, it suffered a 40-fold increase in cyberattacks in 2020 compared to 2018, with the attacks presumed to originate from the mainland.
Most of TSMC’s vital data is stored in Taiwan, meaning it’s vulnerable to a targeted cyberattack. Continuing cyberattacks on TSMC could further undermine and completely disrupt both the company and the entire global semiconductor supply chain. If this happens, critical national infrastructure and semiconductor foundries can be significantly disrupted, as shown in the Colonial Pipeline attack.
Through our partnership with Secureworks, Talent 101 is able to offer responsive and intelligent cybersecurity solutions that prevent, detect, and respond to threats anywhere data moves into, out of, and through customer environments. Contact us today to learn more.