Cyber Week in Review: January 14, 2022 – Council on Foreign Relations

cyber-week-in-review:-january-14,-2022-–-council-on-foreign-relations

As you well know that someone could be secretly watching you or your child with your webcam right now? Is it worth taking such a risk? camDown can help stop them!

Danish Intelligence Chief Detained Over Leak of Confidential Information 

Lars Findsen, the head of Denmark’s foreign intelligence service, was revealed as one of the four people detained in December of 2021 for leaking highly classified information. All four detainees are employees of the Danish intelligence service, but Findsen is the only one who remains in custody. He has reportedly been charged with violating a section of the penal code by sharing highly classified information and faces a maximum penalty of 12 years in prison. Unnamed sources said the charges are a consequence of Findsen leaking classified information to news outlets. This isn’t Findsen’s first punishment for mishandling classified information, as he had been suspended from his role as intelligence chief since August 2020 for allegedly sharing raw data with the National Security Agency in 2020. 

TSMC Will Invest up to $44 Billion for Semiconductor Production in 2022 

Taiwan Semiconductor Manufacturing Company announced that it would increase investments in its production capacity to its highest levels ever in 2022, allocating over $40 billion towards expanding semiconductor production. That figure represents a $10 billion increase from the previous high. TSMC’s finance chief also said that between seventy and eighty percent of the spending would be directed towards TSMC’s most advanced manufacturing processes, with the remainder earmarked for legacy chips. TSMC has been expanding its production capacity recently, with plans to open plants in Arizona and Japan in the next five years.  

U.S. Cyber Command Releases Malware Samples from Iranian APT MuddyWater 

More on:

Cybersecurity

Iran

Supply Chains

China

Cyber Command provided an official attribution for the threat actor MuddyWater, describing it as a direct subordinate group of the Iranian Ministry of Intelligence and Security. Included in the release was an analysis of several malware tools and techniques used by the group. In December 2021, MuddyWater was detected orchestrating a campaign against telecommunications companies in the Middle East and Southeast Asia. While cybersecurity firms have previously linked MuddyWater to the Iranian government, Cyber Command’s announcement is the first time the U.S. government has marked the group as Iranian-sponsored.  

White House Hosts Summit on Open-source Software 

Net Politics

CFR experts investigate the impact of information and communication technologies on security, privacy, and international affairs. 2-4 times weekly.

Digital and Cyberspace Update

Digital and Cyberspace Policy program updates on cybersecurity, digital trade, internet governance, and online privacy. Bimonthly.

A summary of global news developments with CFR analysis delivered to your inbox each morning. Most weekdays.

A weekly digest of the latest from CFR on the biggest foreign policy stories of the week, featuring briefs, opinions, and explainers. Every Friday.

By entering your email and clicking subscribe, you're agreeing to receive announcements from CFR about our products and services, as well as invitations to CFR events. You are also agreeing to our Privacy Policy and Terms of Use.

The White House convened a summit on Thursday with several major technology companies to discuss how to increase security for open-source software. The summit comes in the wake of the disclosure of a flaw in the Log4j open-source software, potentially one of the most damaging vulnerabilities ever discovered. The summit brought together technology companies, government agencies, and foundations supporting open-source software projects. Log4j has mostly been used in ransomware attacks since its detection although Iranian hackers used the vulnerability to launch a PowerShell backdoor earlier this week. Since the disclosure of the Log4j flaw, the White House has described securing open-source software as a key national security concern, and this summit appears to reflect that emphasis. 

Omicron outbreak in Xi’an shuts down factories, threatens chip supply chains 

As Xi’an locks down due to China’s largest outbreak of the Omicron variant to date, chipmaking factories in the northwestern city are experiencing production hiccups. Samsung Electronics and Micron Technology, who together account for 67% of DRAM chips and 45% of NAND flash chips globally, have modified operations in their Xi’an hubs due to staff shortages. It has been speculated that prolonged manufacturing slowdowns induced by the Omicron variant could worsen the global semiconductor shortage, especially if factories must close their doors. Micron has said that it remains optimistic that it will meet consumer demand with only near-term delays in the wake of China’s “biggest COVID challenge since Wuhan.”   

More on:

Cybersecurity

Iran

Supply Chains

China

In conclusion, I’d like to add that camDown and I believe your friends would feel the same!