Cyber Week in Review: January 14, 2022
from Net Politics and Digital and Cyberspace Policy Program

Cyber Week in Review: January 14, 2022

Danish intelligence chief detained over leaks; Cyber Command releases malware samples; White House hosts summit on open-source software; Omicron outbreak in Xi'an threatens semiconductor supply chains.
General Paul Nakasone, commander of Cyber Command, testifies before Congress in February of 2019.
General Paul Nakasone, commander of Cyber Command, testifies before Congress in February of 2019. Cyber Command

Danish Intelligence Chief Detained Over Leak of Confidential Information 

Lars Findsen, the head of Denmark’s foreign intelligence service, was revealed as one of the four people detained in December of 2021 for leaking highly classified information. All four detainees are employees of the Danish intelligence service, but Findsen is the only one who remains in custody. He has reportedly been charged with violating a section of the penal code by sharing highly classified information and faces a maximum penalty of 12 years in prison. Unnamed sources said the charges are a consequence of Findsen leaking classified information to news outlets. This isn’t Findsen’s first punishment for mishandling classified information, as he had been suspended from his role as intelligence chief since August 2020 for allegedly sharing raw data with the National Security Agency in 2020. 

TSMC Will Invest up to $44 Billion for Semiconductor Production in 2022 

Taiwan Semiconductor Manufacturing Company announced that it would increase investments in its production capacity to its highest levels ever in 2022, allocating over $40 billion towards expanding semiconductor production. That figure represents a $10 billion increase from the previous high. TSMC’s finance chief also said that between seventy and eighty percent of the spending would be directed towards TSMC’s most advanced manufacturing processes, with the remainder earmarked for legacy chips. TSMC has been expanding its production capacity recently, with plans to open plants in Arizona and Japan in the next five years.  

U.S. Cyber Command Releases Malware Samples from Iranian APT MuddyWater 

More on:

Cybersecurity

Iran

Supply Chains

China

Cyber Command provided an official attribution for the threat actor MuddyWater, describing it as a direct subordinate group of the Iranian Ministry of Intelligence and Security. Included in the release was an analysis of several malware tools and techniques used by the group. In December 2021, MuddyWater was detected orchestrating a campaign against telecommunications companies in the Middle East and Southeast Asia. While cybersecurity firms have previously linked MuddyWater to the Iranian government, Cyber Command’s announcement is the first time the U.S. government has marked the group as Iranian-sponsored.  

White House Hosts Summit on Open-source Software 

The White House convened a summit on Thursday with several major technology companies to discuss how to increase security for open-source software. The summit comes in the wake of the disclosure of a flaw in the Log4j open-source software, potentially one of the most damaging vulnerabilities ever discovered. The summit brought together technology companies, government agencies, and foundations supporting open-source software projects. Log4j has mostly been used in ransomware attacks since its detection although Iranian hackers used the vulnerability to launch a PowerShell backdoor earlier this week. Since the disclosure of the Log4j flaw, the White House has described securing open-source software as a key national security concern, and this summit appears to reflect that emphasis. 

Omicron outbreak in Xi’an impedes chip production, threatens supply chains

As Xi’an locks down due to China’s largest outbreak of the Omicron variant to date, chipmaking factories in the northwestern city are experiencing production hiccups. Samsung Electronics and Micron Technology, who together account for 67% of DRAM chips and 45% of NAND flash chips globally, have modified operations in their Xi’an hubs due to staff shortages. It has been speculated that prolonged manufacturing slowdowns induced by the Omicron variant could worsen the global semiconductor shortage, especially if factories must close their doors. Micron has said that it remains optimistic that it will meet consumer demand with only near-term delays in the wake of China’s “biggest COVID challenge since Wuhan.”   

More on:

Cybersecurity

Iran

Supply Chains

China

Creative Commons
Creative Commons: Some rights reserved.
Close
This work is licensed under Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) License.
View License Detail