{"id":464612,"date":"2023-11-24T13:58:01","date_gmt":"2023-11-24T12:58:01","guid":{"rendered":"https:\/\/innovationorigins.com\/?p=464612"},"modified":"2023-11-24T13:58:01","modified_gmt":"2023-11-24T12:58:01","slug":"chinese-cyber-espionage-exposes-years-long-grip-on-dutch-chip-giant","status":"publish","type":"post","link":"https:\/\/ioplus.nl\/archive\/en\/chinese-cyber-espionage-exposes-years-long-grip-on-dutch-chip-giant\/","title":{"rendered":"Chinese cyber espionage exposes years-long grip on Dutch chip giant"},"content":{"rendered":"\n<p>A Chinese hacker group has had undetected access to the network of NXP, one of the largest Dutch chip manufacturers, for over two years, an investigation by <a href=\"https:\/\/www.nrc.nl\/nieuws\/2023\/11\/24\/spionage-chinese-hackersgroep-zat-jarenlang-in-het-netwerk-van-de-nederlandse-chipfabrikant-nxp-a4182149?utm_source=push&amp;utm_medium=breaking_news&amp;utm_term=20231124\">NRC<\/a> reveals. The cyber attack remained under the radar for a long time and resulted in intellectual property theft. Despite NXP&#8217;s reputation for security, the systems were not discovered to have been compromised until early 2020. In addition to NXP, seven Taiwanese chip companies and KLM subsidiary Transavia were also affected.<\/p>\n\n\n\n<div class=\"io-block io-block__summary\"><ul><li>A Chinese hacker group called &#8220;Chimera&#8221; had undetected access to NXP&#8217;s network for more than two years;<\/li><li>The hackers used sophisticated methods, including exploiting stolen account information from previous data breaches;<\/li><li>In addition to NXP, seven Taiwanese chip companies and Transavia were also affected.<\/li><\/ul><\/div>\n\n\n\n<p>The impact of the break-in by the hacker group, affiliated with China, on Dutch chip manufacturer NXP reaches further than first assumed. The cyber group &#8216;Chimera&#8217; managed to circumvent security measures using sophisticated methods and exploiting accounts of unsuspecting employees. All this was discovered only after a tip-off following a hack at Transavia, a subsidiary of KLM.<\/p>\n\n\n\n<p>The attack shows how even the most advanced technology companies are vulnerable to cyber espionage, Marc Hijink writes in his article. NXP, a leading supplier of chips for the automotive industry, has had to admit to being a victim of these targeted espionage attacks. The perpetrators were primarily interested in stealing chip designs and mailboxes containing large amounts of sensitive information. This intellectual property is of great value to competitors and states seeking to influence or dominate the technology industry.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Advanced techniques of the hackers<\/h2>\n\n\n\n<p>The hackers used stolen account information from previous data breaches at services such as LinkedIn or Facebook. With this information, they were able to impersonate ordinary employees and gain access to NXP&#8217;s network. They then proceeded to methodically steal, compress, and encrypt large amounts of data. This data was prepared to be copied via cloud services like Google Drive, Microsoft OneDrive, and Dropbox.<\/p>\n\n\n\n<p>The way the hackers proceeded indicates a large-scale and well-coordinated attack. It is a tactic befitting an advanced persistent threat (APT) group that would serve the interests of the Chinese state. This is supported by findings from the Dutch intelligence agency AIVD, which links the cyberspies to China.<\/p>\n\n\n<div class=\"vlp-link-container vlp-layout-basic wp-block-visual-link-preview-link advgb-dyn-7bedde92\"><a href=\"https:\/\/innovationorigins.com\/en\/nxps-new-system-talking-to-your-devices\/\" class=\"vlp-link\" title=\"NXP\u2019s new system: talking to your devices\" rel=\"nofollow\" target=\"_blank\"><\/a><div class=\"vlp-layout-zone-side\"><div class=\"vlp-block-2 vlp-link-image\"><img decoding=\"async\" src=\"https:\/\/innovationorigins.com\/app\/uploads\/2023\/09\/Smart_Home_Matter_Tri-Radio_NXP.jpg\" style=\"max-width: 150px; max-height: 150px\" \/><\/div><\/div><div class=\"vlp-layout-zone-main\"><div class=\"vlp-block-0 vlp-link-title\">NXP\u2019s new system: talking to your devices<\/div><div class=\"vlp-block-1 vlp-link-summary\">NXP announced the VIT Speech to Intent engine, an engine that understands natural language and uses edge computing to enable local voice control.<\/div><\/div><\/div>\n\n\n<h2 class=\"wp-block-heading\">NXP&#8217;s response<\/h2>\n\n\n\n<p>Although NXP stated in their 2020 and 2021 annual reports that the hack did not result in &#8220;material&#8221; damage, intellectual property theft cannot be understated. The event prompted NXP to take cyber espionage risks even more seriously. The company reported falling victim to another data breach in September 2023. This leak was discovered and closed within three days, showing NXP had strengthened its security protocols following the attack by Chimera.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">International implications<\/h2>\n\n\n\n<p>Taiwan, a major player in the global chip market, was also affected. At least seven Taiwanese chip companies were victims of the same hacker group. This highlights that the threat of cyber espionage is not limited to Dutch borders. It shows a pattern of targeted attacks on high-tech industries and critical infrastructure worldwide.<\/p>\n\n\n\n<p>The NXP incident and subsequent revelations have drawn attention to the need for companies to strengthen their cyber security. With the increasing complexity of digital infrastructure and the value of data, protecting against cyber espionage is becoming increasingly crucial to maintaining competitive advantage and national security.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">The role of government<\/h2>\n\n\n\n<p>In light of these events, the question is how governments and the private sector can work together to prevent such attacks in the future. The AIVD plays a vital role in identifying threats and advising companies of potential vulnerabilities. This collaboration is essential to create an environment where threat information can be shared quickly, and companies can respond appropriately to incidents. Sharing best practices and raising awareness about cyber risks are steps that must be taken to ensure the digital security of companies and society as a whole.<\/p>\n\n\n<div class=\"vlp-link-container vlp-layout-basic wp-block-visual-link-preview-link advgb-dyn-d4cd6a2a\"><a href=\"https:\/\/innovationorigins.com\/en\/asml-is-the-premium-europe-owes-the-u-s\/\" class=\"vlp-link\" title=\"\u201cASML is the premium Europe owes the U.S.\u201d\" rel=\"nofollow\" target=\"_blank\"><\/a><div class=\"vlp-layout-zone-side\"><div class=\"vlp-block-2 vlp-link-image\"><img decoding=\"async\" src=\"https:\/\/innovationorigins.com\/app\/uploads\/2023\/11\/PXL_20231101_181421086-1.jpg\" style=\"max-width: 150px; max-height: 150px\" \/><\/div><\/div><div class=\"vlp-layout-zone-main\"><div class=\"vlp-block-0 vlp-link-title\">\u201cASML is the premium Europe owes the U.S.\u201d<\/div><div class=\"vlp-block-1 vlp-link-summary\">Marc Hijink wrote a thorough book about the company that occupies local minds and determines world politics: ASML. Wednesday night Hijink presented his book.<\/div><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>A Chinese hacker group has had undetected access to the network of NXP, one of the largest Dutch chip manufacturers, for over two years, an investigation by NRC reveals. The cyber attack remained under the radar for a long time and resulted in intellectual property theft. Despite NXP&#8217;s reputation for security, the systems were not [&hellip;]<\/p>\n","protected":false},"author":2580,"featured_media":493271,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"advgb_blocks_editor_width":"","advgb_blocks_columns_visual_guide":"","footnotes":""},"categories":[42],"tags":[34901,82390,69603],"location":[],"article_type":[],"serie":[],"archives":[],"internal_archives":[],"reboot-archive":[],"class_list":["post-464612","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sustainability-nl","tag-espionage","tag-marc-hijink-2","tag-nxp-2"],"blocksy_meta":[],"acf":{"subtitle":"An investigation by NRC reveals that a Chinese hacker group had undetected access to chip manufacturer NXP's computer network for more than two years. The perpetrators targeted chip designs.","text_display_homepage":false},"author_meta":{"display_name":"Laio","author_link":"https:\/\/ioplus.nl\/archive\/author\/laio\/"},"featured_img":"https:\/\/ioplus.nl\/archive\/wp-content\/uploads\/2023\/11\/Eindhoven-Netherlands.jpg","coauthors":[],"tax_additional":{"categories":{"linked":["<a href=\"https:\/\/ioplus.nl\/archive\/en\/category\/sustainability-nl\/\" class=\"advgb-post-tax-term\">Sustainability<\/a>"],"unlinked":["<span class=\"advgb-post-tax-term\">Sustainability<\/span>"]},"tags":{"linked":["<a href=\"https:\/\/ioplus.nl\/archive\/en\/category\/sustainability-nl\/\" class=\"advgb-post-tax-term\">espionage<\/a>","<a href=\"https:\/\/ioplus.nl\/archive\/en\/category\/sustainability-nl\/\" class=\"advgb-post-tax-term\">Marc Hijink<\/a>","<a href=\"https:\/\/ioplus.nl\/archive\/en\/category\/sustainability-nl\/\" class=\"advgb-post-tax-term\">NXP<\/a>"],"unlinked":["<span class=\"advgb-post-tax-term\">espionage<\/span>","<span class=\"advgb-post-tax-term\">Marc Hijink<\/span>","<span class=\"advgb-post-tax-term\">NXP<\/span>"]}},"comment_count":"0","relative_dates":{"created":"Posted 2 years ago","modified":"Updated 2 years ago"},"absolute_dates":{"created":"Posted on November 24, 2023","modified":"Updated on November 24, 2023"},"absolute_dates_time":{"created":"Posted on November 24, 2023 1:58 pm","modified":"Updated on November 24, 2023 1:58 pm"},"featured_img_caption":"","series_order":"","_links":{"self":[{"href":"https:\/\/ioplus.nl\/archive\/wp-json\/wp\/v2\/posts\/464612","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ioplus.nl\/archive\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ioplus.nl\/archive\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ioplus.nl\/archive\/wp-json\/wp\/v2\/users\/2580"}],"replies":[{"embeddable":true,"href":"https:\/\/ioplus.nl\/archive\/wp-json\/wp\/v2\/comments?post=464612"}],"version-history":[{"count":0,"href":"https:\/\/ioplus.nl\/archive\/wp-json\/wp\/v2\/posts\/464612\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ioplus.nl\/archive\/wp-json\/wp\/v2\/media\/493271"}],"wp:attachment":[{"href":"https:\/\/ioplus.nl\/archive\/wp-json\/wp\/v2\/media?parent=464612"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ioplus.nl\/archive\/wp-json\/wp\/v2\/categories?post=464612"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ioplus.nl\/archive\/wp-json\/wp\/v2\/tags?post=464612"},{"taxonomy":"location","embeddable":true,"href":"https:\/\/ioplus.nl\/archive\/wp-json\/wp\/v2\/location?post=464612"},{"taxonomy":"article_type","embeddable":true,"href":"https:\/\/ioplus.nl\/archive\/wp-json\/wp\/v2\/article_type?post=464612"},{"taxonomy":"serie","embeddable":true,"href":"https:\/\/ioplus.nl\/archive\/wp-json\/wp\/v2\/serie?post=464612"},{"taxonomy":"archives","embeddable":true,"href":"https:\/\/ioplus.nl\/archive\/wp-json\/wp\/v2\/archives?post=464612"},{"taxonomy":"internal_archives","embeddable":true,"href":"https:\/\/ioplus.nl\/archive\/wp-json\/wp\/v2\/internal_archives?post=464612"},{"taxonomy":"reboot-archive","embeddable":true,"href":"https:\/\/ioplus.nl\/archive\/wp-json\/wp\/v2\/reboot-archive?post=464612"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}