CTT Conversations: The NVIDIA Hack and the National Security Catastrophe

The hack of NVIDIA has exposed the blueprints of a $580 billion semiconductor juggernaut, putting some of America’s most valuable chip designs at risk of appropriation by Chinese government entities and others. CTT sat down with Dylan Patel, a leading semiconductor industry analyst and Daniel Markus, lead China Task Force staffer to discuss mitigating the impact of this hack. Patel provided an overview of the Nvidia hack and the implications pertaining to Chinese semiconductor firms. Patel explained, “Nvidia’s software is best in class, and hackers have exposed Nvidia’s proprietary designs and put them in the public domain. Now Chinese AI firms and others can kick start their own R&D and catch up with ease… It’s virtually impossible to protect yourself… Read More

The Impending NAND Apocalypse Reinforces China’s Drive for Global Tech Supremacy

Dr. Roslyn Layton recently talked with Dylan Patel, a leading semiconductor industry analyst, about the evolving nature of the semiconductor industry as it relates to security, technology, and the recent NVIDIA hacks. During the conversation, Patel also highlighted the NAND market and impending “NAND Apocalypse” given China’s investment vis-a-vis their “Made in China” plan. He stated, “The NAND apocalypse is the result of Chinese subsidies into semiconductors, totaling roughly $250 billion across 2020 to 2025. They’re ‘Made in China’ plan has them going to a very high percentage of domestically produced chips. And NAND is a critical component within that… YMTC is able to produce NAND memory chips, critical memory that’s used in nearly every device and server and military… Read More

Lenovo Appears to Still Be Selling Technology to Russia. That Should Warrant U.S. Scrutiny

Following pleas from the Ukrainian Deputy Prime Minister to stop supplying Russia, Taiwanese PC maker ASUS announced this week that it has ceased shipments and will abide by “all international regulations.” The same cannot be said of China’s Lenovo, the world’s largest personal computer manufacturer—at least not with certainty. Despite reports that Lenovo stopped sales in Russia, other media reporting suggests that the company—which controls 18.5% of the Russian PC market (compared to ASUS’ 15.6%)—continues to do business there. Lenovo has not offered an official statement of whether it is maintaining its operations in Russia. “Xi Jinping’s role in Ukraine is far less visible than Vladimir Putin’s, but make no mistake: China is also a combatant in the war,” Gordon… Read More

#VoteEstevezNow: Our Adversaries Benefit from the Senate’s Delay

As the crisis in Ukraine continues, more eyes are turning towards China. Over the weekend, The Washington Post reported that Russia is seeking military equipment and aid from China. Eric Sayers, a former advisor to the U.S. Indo Pacific Command, is quoted by The Post as saying, “If Beijing is offering any type of military assistance to aid Moscow’s war in Ukraine, the spillover effects on U.S.-China policy could be vast.” Sayers added, “It would abruptly end debate about pathways to working with Beijing. More importantly, it would push Washington to accelerate retaliatory and decoupling actions toward China, and create new pressure on companies now doing business in China.” Companies like Lam Research, Applied Materials, and KLA Corporation – semiconductor… Read More

Threat Tech Disconnect: States Are “Buying the Stuff That’s Going to Create Problems”

Despite federal actions to prevent government agencies from purchasing potentially vulnerable Chinese-made technology, inconsistent state- and local-level policies have created security gaps that put citizens’ personal information at risk. This disconnect was the focus of the latest installment of China Tech Threat’s Quick Cut series on Wednesday, The Tech Threat Disconnect. “It’s time for us to wake up,” said U.S. Representative Claudia Tenney (R-NY22). “This can be a real problem for the security of our residents and our local governments. Yet, states continue to buy products from companies like Lexmark, Hikvision and others, which are Chinese owned interests.” “Who knows what’s embedded in these Lexmark printers and especially in Lenovo computers?” she added, pointing to the prominent brands that have… Read More

Russia Tech Export Restrictions Have A Weakness: No BIS Leader Yet 

The centerpiece of President Biden’s new round of Russia sanctions is a complete embargo on selling semiconductors to Russia. While the sanctions by the Commerce Department’s Bureau of Industry and Security (BIS) will deliver a powerful punch to Russia, they also expose a weakness: BIS, the enforcer of export controls as tools for our national security strategy, has no leader at the top at this critical time.   President Biden nominated Alan Estevez to serve as Undersecretary for Industry and Security seven months ago, but Congress has not yet held a vote to confirm him. This already concerning vacancy at the top of “the most important agency most Americans have never heard of,” creates a glaring hole in the United States’ export control regime, hindering its… Read More

Mike Rogers: “Cyber Threat Is Real and Growing”

The SolarWinds breach may be the “most significant” cyber-attack in American history, and the scope is likely to grow, former Congressman Mike Rogers wrote in the Wall Street Journal on Sunday. Beyond the sheer breadth of the attack, it also reveals that government agencies are no longer the only targets of the United States’ adversaries—American businesses are, too. “Don’t be surprised either if it emerges that private companies were hit.,” Rep. Rogers cautions. “SolarWinds says it has more than 300,000 customers, including 400 companies in the Fortune 500. That’s a lot of potential victims.” That U.S. businesses are in the crosshairs of country’s like China and Russia requires cooperation across both the private and public sectors. “The nation—public and private… Read More

SolarWinds Breach Underscores the Threat from U.S. Adversaries

At least five U.S. government agencies were breached by a cyber-espionage campaign launched by the Russian government, reporting this week revealed. The attack, which dates back to March and possibly longer, successfully infiltrated the Departments of State, Defense, Commerce, Treasury and Homeland Security. The list of targets is expected to grow to include more agencies and private companies as more is learned about the scope of hack.  Described as “highly sophisticated,” the operation accessed U.S. networks through a corrupt software patch. The New York Times called it one of the “greatest intelligence failures of modern times.” Last year Wired reported that a group of Chinese hackers used a similar software supply chain attack to compromise at least six companies over… Read More