Tower hit by cyber attack, some production disrupted

Tower Semiconductor’s IT security systems identified a security incident on some of its systems as a result of a cyber attack. The company announced that as a preventive measure, it had halted certain of its servers and proactively held operations in some of its manufacturing facilities, and has done so in a gradual, organized manner.

Tower has notified relevant authorities and is working closely with law enforcement organizations and with a team of experts, coordinated with its insurance providers, in order to recover the impacted systems as soon as possible. The Company has implemented specific measures to prevent the expansion of this event.

Tower Semiconductor provides manufacturing services for integrated circuits (ICs) in process platforms such as SiGe, BiCMOS, mixed-signal/CMOS, RF CMOS, CMOS image sensor, non-imaging sensors, integrated power management and MEMS. It operates two manufacturing facilities in Israel (150mm and 200mm), two in the U.S. (200mm), and three facilities in Japan (two 200mm and one 300mm).

In September 10, Tower announced that all of its manufacturing sites are operational, targeting full capability within the next few days. “Tower is confident of the functional quality of the work in progress and production line inventories, with Company and customer data remaining protected. Due to the manufacturing disruption, the Company expects some level of impact to its third quarter results.”

Semiconductor’s Industry under Attack

Cyber attacks pose a big risk to the highly connected semiconductor’s production lines. On May, 2020, the US-based MaxLinear discovered a security incident affecting some of its systems and immediately took all systems offline. On August, 2018, TSMC, a supplier for Apple’s SoC components and a major manufacturer for Qualcomm, fell victim to a variant of the WannaCry ransomware. The infection caused the company to stop production for two days. The shutdown was believed to have cost the company roughly $250 million USD and shipment delays.

According to the Taiwanese cyber security firm CyCraft, multiple organizations along Taiwan’s high-tech ecosystem were victims of an advanced persistent threat (APT) attack , which originated in the semiconductor industry and still continues to be a threat today. “APTs are professional cyber espionage actors that typically receive direction and support from nation-states and often target organizations with high-value information, such as national defense, financial, energy, or now, the manufacturing of semiconductors.”


Renault, Volvo and Hyundai Invested in Upstream Security

Photo above: Upstream’s Co-founders Yoav Levy (Left) and Yonatan Appel

Upstream Security from Herzliya, Israel, announced the completion of a $30 million in a Series B funding round, bringing the company’s total investment to date to $41 million. The round was led by Renault Venture Capital and included Volvo Group Venture Capital, Hyundai, Hyundai AutoEver, Nationwide Ventures and others. Original Upstream investors Charles River Ventures, Glilot Capital and Maniv Mobility all participated in the round.

The company’s Upstream Security C4 (Centralized Connected Car Cybersecurity Security) Platform is a purpose-built solution for protecting connected vehicles. C4 is deployed in the Automotive Cloud; in the demarcation point between the operational network and the IT network, ensuring protection of the communication data between the vehicles and command and control servers. Upstream system analyze the communications between data centers and fleets in order to detect, interpret and alert in real-time of any threats to the fleet.

Nobody is Safe

“This first of its kind investor syndicate, is a testament to the severity of the problem the industry is tackling,” said Yoav Levy, Upstream Security Co-founder and CEO. Earlier this year a report published by Upstream Security outlining the automotive threat landscape spanning the past decade, showing that OEM vehicle manufacturers and commercial and public sector fleets have been targeted. In many cases attacks were executed indirectly via connected services and applications and from long distance.

Establishing a security framework for connected cars entails a multi-layer approach that secures both the vehicles and the infrastructure connecting them. Upstream C4 platform enables OEM car manufacturers and fleets to detect, monitor and respond to attacks targeting any part of the connected vehicle framework – even for vehicles already on the road.

2 Million Protected Cars

“Securing our customers’ connected vehicles is always top of mind for Volvo,” noted David Hanngren, Investment Director at Volvo Group. “We have chosen to invest in Upstream because they have a great vision for addressing this unique sector and serious depth in both automotive domain expertise and cybersecurity.”

The CEO Yoav Levy revealed in the company’s blog, that over the last year the company haz dedicated extensive efforts in growing its partner network with MSSPs (Managed Security Service Providers), suppliers and OEMs. “Our platform is already ingesting data of over 2 million vehicles.”

Upstream was established in 2017 by the CEO Yoav Levy and the CTO Yonatan Appel. Yoav brings over 17 years of experience in multi-national high-tech companies and start-ups in leading vendors such as Check Point, Juniper Networks and Broadcom. Yonatan is involved with technology development for the last 20 years in industry-leading companies such as Check Point, Imperva, Microsoft and in in an elite technological unit in the IDF Intelligence Corps.

Mellanox Has Gained Over a Million Ethernet Ports

 Mellanox Technologies from Yokneam, Israel, said that the integration of its Ethernet switches into  Check Point Software’s “Maestro” security platform, announced in January 2019, has propelled Ethernet switch shipments past the one million port milestone. Check Point has selected Mellanox Spectrum-based Ethernet switches for its next generation Maestro platform – the industry’s first truly hyperscale network security solution.

Check Point Maestro is a revolutionary new hardware-software security suite based on a new architecture to enable cyber defense against “Generation V” threats.  Its HyperSync patented technology allows customers to enjoy full redundancy within a system, by utilizing all hardware resources. Maestro leverages the Mellanox 10, 25 and 100Gbps Spectrum based Ethernet switches.

The Spectrum-based Open Ethernet platform enables Check Point to allow Gaia, its operating system for security applications, to run on the switch. Gaia provides the feature set and interfaces that are familiar to security administrators worldwide, and delivers secure updates via IPSO and Secure Platform.

Mellanox’ Spectrum family of Ethernet switches are purpose built for Software Defined Datacenters. The Spectrum product family includes a broad portfolio of Top-of-Rack (TOR) and aggregation switches that range from 16 to 128 physical ports, with Ethernet data rates of 1GbE, 10GbE, 25GbE, 40GbE, 50GbE, 100GbE, 200GbE and 400GbE per port. Utilizing an Open Ethernet architecture allows a choice of operating systems, including Mellanox Onyx, Cumulus Linux, SONiC, Switchdev and others.

Itai Greenberg, VP Product Management at Check Point, said that Check Point’s decision “Came After a careful evaluation of the various offerings. We selected the Mellanox Spectrum family of switches as the best solution to meet our needs and deliver unmatched security platforms to our customers. We look forward to continuing the technology collaboration with Mellanox for product generations to come.”