Cyber Week in Review: January 14, 2022 – Council on Foreign Relations

Danish Intelligence Chief Detained Over Leak of Confidential Information

Lars Findsen, the head of Denmarks foreign intelligence service, was revealed as one of the four people detained in December of 2021 for leaking highly classified information. All four detainees are employees of the Danish intelligence service, but Findsen is the only one who remains in custody. He has reportedly been charged with violating a section of the penal code by sharing highly classified information and faces a maximum penalty of 12 years in prison. Unnamed sources said the chargesare a consequence ofFindsen leaking classified information to news outlets. This isnt Findsens first punishment for mishandling classified information, as he had been suspended from his role as intelligence chief since August 2020 for allegedly sharing raw data with the National Security Agency in 2020.

TSMC Will Invest up to $44 Billion for Semiconductor Production in 2022

Taiwan Semiconductor Manufacturing Company announced that it would increase investments in its production capacity to its highest levels ever in 2022, allocating over $40 billion towards expanding semiconductor production. That figure represents a $10 billion increase from the previous high.TSMCs finance chief also said that between seventy and eighty percent of the spending would be directed towards TSMCs most advanced manufacturing processes, with the remainder earmarked for legacy chips. TSMC has been expanding its production capacity recently, with plans to open plants in Arizona and Japan in the next five years.

U.S. Cyber Command Releases Malware Samples from Iranian APT MuddyWater

More on:

Cybersecurity

Iran

Supply Chains

China

Cyber Command provided an official attribution for the threat actor MuddyWater, describing it as a direct subordinate group of the Iranian Ministry of Intelligence and Security. Included in the release was an analysis of several malware tools and techniques used by the group. In December 2021, MuddyWater was detected orchestrating a campaign against telecommunications companies in the Middle East and Southeast Asia. While cybersecurity firms have previously linked MuddyWater to the Iranian government, Cyber Commands announcement is the first time the U.S. government has marked the group as Iranian-sponsored.

White House Hosts Summit on Open-source Software

Net Politics

CFR experts investigate the impact of information and communication technologies on security, privacy, and international affairs.2-4 times weekly.

Digital and Cyberspace Policy program updates on cybersecurity, digital trade, internet governance, and online privacy.Bimonthly.

A summary of global news developments with CFR analysis delivered to your inbox each morning.Most weekdays.

A weekly digest of the latestfrom CFR on the biggest foreign policy stories of the week, featuring briefs, opinions, and explainers. Every Friday.

The White House convened a summit on Thursday with several major technology companies to discuss how to increase security for open-source software. The summit comes in the wake of the disclosure of a flaw in the Log4j open-source software, potentially one of the most damaging vulnerabilities ever discovered. The summit brought together technology companies, government agencies, and foundations supporting open-source software projects. Log4j has mostlybeen used in ransomware attacks since its detection although Iranian hackers used the vulnerability to launch a PowerShell backdoor earlier this week. Since the disclosure of the Log4j flaw, the White House has described securing open-source software as a key national security concern, and this summit appears to reflect that emphasis.

Omicron outbreak in Xian shuts down factories, threatens chip supply chains

As Xian locks down due to Chinas largest outbreak of the Omicron variant to date, chipmaking factories in the northwestern city are experiencing production hiccups. Samsung Electronics and Micron Technology, who together account for 67% of DRAM chips and 45% of NAND flash chips globally, have modified operations in their Xian hubs due to staff shortages. It has been speculated that prolonged manufacturing slowdowns induced by the Omicron variant could worsen the global semiconductor shortage, especially if factories must close their doors. Micron has said that it remains optimistic that it will meet consumer demand with only near-term delays in the wake of Chinas biggest COVID challenge since Wuhan.

More on:

Cybersecurity

Iran

Supply Chains

China

Read the original post:

Cyber Week in Review: January 14, 2022 - Council on Foreign Relations