Chinese hackers got to the secrets of the largest European chip manufacturer

Brother

For two years, Chinese cyber spies "visited" NXP networks.

Chinese hackers stole chip designs from a major Dutch semiconductor company, NXP, after going undetected for more than two years. This is reported by NRC.

The China-linked Chimera hacker group penetrated NXP's network in late 2017 and had access until early 2020. The breach went unnoticed for about two and a half years, during which time hackers lurked in the company's network and stole intellectual property, including chip designs. The full extent of the damage has not yet been disclosed.

The security breach was reportedly discovered completely by accident. In September 2019, a similar attack occurred on the Dutch airline Transavia, a subsidiary of KLM. As a result of a cyber incident, hackers gained access to Transavia's booking systems. An investigation into the Transavia hack revealed a link to NXP, which led to the discovery of hacking into the semiconductor giant's networks. The attack has all the hallmarks of the Chimera hacker group, including the use of its hacking tool ChimeRAR.

Hackers used credentials from previous data breaches on platforms such as LinkedIn and Facebook, and used "brute force" techniques to crack passwords. They also circumvented two-factor authentication by changing phone numbers. Data was taken out using encrypted files uploaded to cloud storage, such as Microsoft's OneDrive, Dropbox, and Google Drive.

NXP, the largest chip manufacturer in Europe, is known for developing secure Mifare chips for public transport in the Netherlands, as well as secure elements for the iPhone, in particular for Apple Pay.

Despite confirming the theft of intellectual property, NXP says that the intrusion did not cause significant damage. The company claims that the stolen data is so complex that it can't be easily used to replicate designs. In this regard, NXP did not consider it necessary to inform the public.

After the hack, the company strengthened its network security measures, improved monitoring systems, and tightened control over the availability and transmission of data within the company. These steps are aimed at preventing similar incidents in the future and protecting the company's valuable intellectual assets.

It remains unknown exactly what was stolen, as well as how many other companies in the semiconductor industry may have been hacked and did not report it to the public.
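
As an added example (not part of the original post or the NRC report), here is a minimal detection sketch correlating two behaviours described above: a 2FA phone-number change followed by archive uploads to consumer cloud storage. The event schema, host list, archive-extension proxy for "encrypted files" and 72-hour window are all assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Assumptions: host list, archive extensions (a proxy for "encrypted files"), window.
CLOUD_SUFFIXES = ("dropbox.com", "drive.google.com", "onedrive.live.com")
ARCHIVE_EXTS = (".rar", ".7z", ".zip")
WINDOW = timedelta(hours=72)

# Constructed sample events; the schema and field names are hypothetical.
EVENTS = [
    {"ts": "2019-03-01T09:10:00", "user": "alice", "type": "upload",
     "host": "www.dropbox.com", "file": "part01.rar"},
    {"ts": "2019-03-01T08:00:00", "user": "alice", "type": "mfa_phone_changed"},
    {"ts": "2019-03-01T09:30:00", "user": "bob", "type": "upload",
     "host": "drive.google.com", "file": "designs.zip"},      # no phone change
    {"ts": "2019-03-02T07:00:00", "user": "dave", "type": "mfa_phone_changed"},
    {"ts": "2019-03-02T08:00:00", "user": "dave", "type": "upload",
     "host": "notdropbox.com", "file": "x.zip"},              # lookalike host
    {"ts": "2019-03-09T10:00:00", "user": "carol", "type": "mfa_phone_changed"},
    {"ts": "2019-03-20T10:00:00", "user": "carol", "type": "upload",
     "host": "onedrive.live.com", "file": "backup.7z"},       # outside window
]

def is_cloud_host(host):
    """Match a listed domain or its subdomains, not lookalike names."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in CLOUD_SUFFIXES)

def correlate(events, window=WINDOW):
    """Return archive uploads to cloud storage that follow an MFA phone change."""
    last_change, alerts = {}, []
    # Logs often arrive out of order, so sort by timestamp first.
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        if ev["type"] == "mfa_phone_changed":
            last_change[ev["user"]] = ts
        elif ev["type"] == "upload":
            changed = last_change.get(ev["user"])
            if (changed is not None and ts - changed <= window
                    and is_cloud_host(ev["host"])
                    and ev["file"].lower().endswith(ARCHIVE_EXTS)):
                alerts.append((ev["user"], ev["host"], ev["file"],
                               str(ts - changed)))
    return alerts

if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print("ALERT", alert)
```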