In the rapidly evolving world of cybersecurity, daily headlines often offer but a fleeting glimpse into the complex, long-game strategies employed by sophisticated threat actors, such as nation-states. A case in point is the recent unfolding narrative surrounding Dutch semiconductor giant ASML and Chinese tech behemoth Huawei. This tale of corporate espionage, geopolitical maneuvering, and the relentless pursuit of technological superiority highlights several evolving global trends pertinent to security practitioners. It also underscores the importance of understanding historical context and recent history to fully grasp today’s threats – today’s security event may originate with an incident weeks or even months ago…
TL / DR: Summary
- A recent investigation into Huawei’s new Mate 60 phone revealed an advanced 7nm chip at its core.
- This is more advanced than what experts expect Chinese companies to be able to produce with available, non-restricted hardware.
- Early this year, semiconductor / lithography giant ASML disclosed terminating a China-based employee for stealing trade secrets in 2022.
- There is a long history of Chinese interests trying to compromise ASML.
- It was quietly reported about a week ago that the former ASML employee is now employed at Huawei.
- While no direct connection was officially made, this seems awfully coincidental.
- The technique used to create the new 7nm chip is likely so expensive as to be non-profitable – suggesting state backing.
Backdrop to the Narrative
The semiconductor industry is not merely a commercial battleground; it’s a linchpin in modern geopolitics. Semiconductors are the bedrock of modern technology, powering everything from smartphones to military hardware. The US and China, as global superpowers, vie for control and influence over this crucial industry to secure not only economic advantages but also strategic and military edges.
Historically, technology races often mirror geopolitical tensions. The Cold War space race is a notable example, where the quest for technological superiority was intertwined with ideological and military competition. Similarly, the ongoing semiconductor rivalry reflects broader geopolitical objectives and national security concerns.

The US, with its allies, has sought to curb China’s advancement in semiconductor technology through export controls and sanctions. These measures aim to stymie China’s progress in achieving semiconductor self-sufficiency, a crucial goal outlined in its “Made in China 2025” initiative. Conversely, China’s pursuit of semiconductor independence is not merely an economic endeavor but a strategic imperative to reduce reliance on foreign technology, particularly amidst escalating tensions with the US.
Context for our Story
Even someone casually following the news is likely at least passingly aware of the global competition for semiconductor supremacy, particularly between the US and China, which sets the stage for our narrative. ASML, a linchpin in the semiconductor industry, specializes in lithography equipment essential for advanced microchip production. The company has found itself ensnared in the tug-of-war between the US and China, with the former pressing ASML to curb its advanced technology sales to the latter. Despite these pressures, ASML has historically simply adhered to Eurozone export regulations, which still provide for some restriction of sales to Chinese entities, just not what the US administrations sought. Chinese companies and the CCP, undeterred, seem to perpetually seek avenues to acquire ASML’s coveted technology.
The Latest ASML Saga Unfolds
The narrative took an interesting turn in February 2023 when ASML disclosed an internal data breach orchestrated by an employee in China, who was subsequently terminated (Alt coverage: Bloomberg). At the time, ASML claimed that the scope of the incident was not expected to be impactful – it was contained and limited. Fast forward a few months, and what appears to be the same individual resurfaces as an employee of Huawei. The plot thickens with even more recent revelations surrounding Huawei’s latest Mate Pro 60 phone, which boasts an advanced 7nm chip by Chinese semiconductor company SMIC, likely manufactured using a derivative of ASML’s technology acquired through illicit means. It seems SMIC likely retooled a large stock of last-gen ASML machinery with third-party parts and then manufactured the chips on them, albeit at lower per-machine yield (hence more machines). This would be vastly more expensive than using the latest EUV machines from ASML – likely not even profitable – hinting at a government-backed initiative.

Lessons and Takeaways
The ongoing saga between ASML and Huawei serves as a stark reminder of the intricate dance between geopolitics, corporate strategies, and cybersecurity. Here are some lessons, takeaways, and projections that can be gleaned from this narrative:
- Questioning Export Restrictions as a Strategy Amidst Increasing Espionage
  - The rise in nation-state espionage, evidenced in this story and a recent report by Microsoft, calls into question the efficacy of export restrictions as a control mechanism. As seen, determined actors like the CCP (or Iran, North Korea, and others, as Microsoft observed) can circumvent these barriers, which should spur policy makers to consider a holistic strategy re-evaluation. While some may call for regulatory overhaul, we should heed the famed quote about repeating the actions and expecting different results… [1]
- Looking at today’s events in historical context – Don’t lose the long game
  - Interestingly, this story hasn’t been covered much in cyber news circles, and both in more “mainstream” media and cyber news, almost no one is referencing the back history with ASML and China in general, or in this specific case, with the ex-employee who stole trade secrets on their way out the door. This risks missing key facts and context around how to respond to today’s incident – i.e. the fact that export regulations were circumvented via insider threat and espionage might suggest a different corrective course than if they were simply ignored by a different actor on the field.
  - The same lesson applies to cyber defenders – an Event or Incident today may have roots in a previous Incident or Event. An accessible historical lookback on key events, incidents, and their learnings can be a valuable tool in a robust defense toolkit. This will likely become even more important given the recently noted increase in espionage attacks, as these tend to be “low and slow.”
- Changes in the Cyber Landscape: Increased presence of IABs, “Espionage as a service” (?)
  - It remains to be seen how much the rise in espionage as an objective will impact industries outside those of direct strategic interest, but it’s not a stretch to imagine that key service industries (for example, finance) could become targets to establish footholds or gain leverage that could later be exploited, in addition to the “usual” backdrop of ransomware and financially motivated cyber-crime. Taking it a step further, we’ve already seen growth in ransomware-as-a-service and initial access brokers; it wouldn’t be too far off to see further IAB growth and espionage-as-a-service.
  - Similarly, with espionage more on the table, insider threat and staff security become an increasingly important discipline, and a well-tuned cyber defense organization would do well to either work closely with responsible individuals or invest in those capabilities, depending on how your organization is structured.
  - Will the next trend for independent actors be “Espionage as a Service”, as an extension of IABs? Or will that remain nation-state level?
- Geopolitical & Supply Chain Realignment
  - The semiconductor rivalry will continue to fuel geopolitical & supply chain realignments, prompting nations to forge new alliances based on mutual technological interests, thereby reshaping the global geopolitical landscape. We’ve already seen some recent moves here, such as the US CHIPS Act, China’s growing position as a supplier of high-tech components to Russia, Iran, and others, and similar developments.
- Technological Innovation
  - The relentless quest for semiconductor superiority will almost certainly fuel innovations not just in chip design, manufacturing, and materials, but also in many other industries and sectors (as we saw in the Cold War). These will range from those directly supporting high-tech research to those dealing with the geopolitical and corporate fallout – such as cybersecurity.
The latest activity in the ASML – China saga offers an excellent window into the intersection of geopolitics, security practice, and the semiconductor industry. It raises a number of interesting questions about how related trends will play out over the next several years. The current narrative began at least a year ago, with pieces of the puzzle being revealed over time, and is likely typical of future moves in this space. It serves as a strong reminder of the value inherent in retaining a historical perspective when analyzing the present, both on the macro stage of geopolitics and the micro stage of individual security events and incidents in practice. To do otherwise would miss key data to drive an effective response at either level.
[1] The famous quote is likely not Einstein’s, despite what many think; it seemingly traces its origins to author Rita Mae Brown, who appears to have adapted it from a Narcotics Anonymous newsletter (see p. 11) – a quirky journey for a profound insight.

