Search
Close this search box.

Mitigating cybersecurity challenges for the semiconductor industry

The industry is a significant target of cyber-attacks, but there are ways to reduce the risk

by Brian Korn, CIM Solution Architect

Share

What’s Inside

The semiconductor industry has seen a robust increase in demand due to the world’s dependence on technology. Given its role as the foundation of innovation in industries ranging from consumer electronics to defense, it has also become a high value target for cyberattacks. The industry is a principal objective for nation-state actors, financially motivated attackers, and supply chain disruptions. In fact, there has been a 72% increase in data breaches since 2021 and an 81% rise in financial losses due to cybersecurity complaints in 2023.1 There is an urgent need for improved cybersecurity measures.

Rising threats

There are several factors that make the semiconductor industry particularly vulnerable, including its valuable intellectual property in the form of proprietary designs and fabrication processes. Its highly interconnected global supply chain and reliance on cutting-edge science and engineering compound its cybersecurity challenges. Reports by cybersecurity companies detail attacks on the industry with far-reaching consequences ranging from halted production to financial losses from compromised intellectual property. Among these, Cyble last year reported a surge in cyber threats targeting semiconductor firms. These ranged from ransomware and supply chain breaches to sophisticated espionage campaigns.2 A separate report by Critical Start revealed that, in the first half of 2024 alone, the manufacturing and industrial sectors (led by semiconductor firms) suffered 377 confirmed ransomware and data leak incidents.3

One of the most high-profile incidents was the ransomware attack on Advantech in 2020, where hackers demanded 750 bitcoins (valued at the time at $13.8 million).4 In May 2023, Lacroix, a major electronics manufacturer, was forced to shut down three of its eight global sites for a week due to a cyberattack that crippled its virtual infrastructure.5

Global impacts

Cyber-attack disruptions to the semiconductor industry cause immediate financial damage to the company at the center of the attack, but also have a ripple effect through the global supply chain. This includes delayed product launches and impacts to industries reliant on timely chip deliveries.

Despite the high stakes, many semiconductor firms remain underprepared. More than 60% of manufacturing companies have experienced cyberattacks, and the average cost of a breach in this sector is around $1 million.6

Preventive measures

While daunting, it’s possible to prevent many forms of these attacks. In some cases, it’s a matter of tightening training and protocols. For example, 70% of breaches are due to human error7 such as phishing attacks or poor password hygiene – both issues that should be addressed in ongoing staff training.

Other methods for reinforcing defenses against cyber threats include:

  • Zero trust architecture: a policy whereby no user or device is trusted by default. This minimizes lateral movement in the case of a breach.
  • Supply chain risk management: identification of weak links in the supply chain to enforce cybersecurity standards.
  • Advanced threat detection: deployment of managed detection and response (MDR) and 24/7 security operations centers (SOC).
  • Employee training: informing and empowering employees to protect against phishing and social engineering attacks.
  • Regulatory compliance: aligning with global standards such as ISO/IEC 27001 and the NIST Cybersecurity Framework.

The industry’s response

Understanding the need for an industry-wide strategy, SEMI launched the SEMI Manufacturing Cybersecurity Consortium (SMCC), a key initiative to address threats via a unified approach. SMCC brings together global stakeholders to develop standards, share threat intelligence, and align with regulations. This includes representatives from fabs, equipment manufacturers, software vendors, and academia. By taking a practical, standards-based and collaborative approach, the aim is to enhance security while streamlining compliance.

Collaborative working groups focus on factory-level security, supply chain readiness, regulatory alignment (including the EU Cyber Resilience Act), and educational outreach. Through these, the SMCC has developed standards such as SEMI E191 for equipment compliance, frameworks for supply chain security, and mechanisms for cross-industry threat sharing—even among competitors.

Among the initiatives the SMCC has undertaken since its inception at SEMICON West in July 2023, are:

  • Partnering with NIST to develop a tailored cybersecurity profile for semiconductor manufacturing.
  • Publishing SEMI E191 and E191.1 standards for cybersecurity status reporting.
  • Forming a dedicated group to interpret and align with the EU Cyber Resilience Act.

SmartFactory’s role in prevention

SmartFactory solutions play a significant role in improving supply chain security within the semiconductor manufacturing industry by embedding cybersecurity into the core of smart manufacturing operations. There are many preventive measures inherent to the SmartFactory platform, including:

Secure data integration and flow: The integration of data across equipment, processes and systems is designed with secure data protocols and access controls. This reduces the risk of unauthorized access or data tampering.

AI-driven anomaly detection: AI and machine learning are leveraged to detect unusual patterns in equipment behavior or process data—often early indicators of cyber intrusions or system manipulation.

Role-based access and authentication: Only authorized personnel can access sensitive systems or make changes to production parameters to limit the attack surface and help prevent insider threats.

Real-time monitoring: Integration with factory systems and real-time monitoring of factory operations that include cybersecurity-related metrics means any deviations from expected performance can trigger alerts. This enables an early and rapid response to threats.

Supply chain and equipment compliance: Manufacturers can more easily align with industry-wide best practices and a reduction in vulnerabilities introduced by third-party tools because SmartFactory solutions are often used as part of standards such as SEMI E187 and E191.

Integration with broader cybersecurity frameworks: Integration with enterprise cybersecurity tools aids in centralized threat detection and response.

Secure data exchange between fabs and suppliers: Only authenticated and authorized systems can interact with factory networks, reducing the risk of the supply chain-originated breaches. These currently account for more than 65% of incidents in semiconductor factories.

Support for standardized assessments of supplier cybersecurity maturity: Alignment with initiatives such as SMCC’s WG3 helps fabs evaluate and onboard vendors based on consistent security criteria.

Conclusion

The world already relies heavily on semiconductors and demand is only expected to grow. As manufacturers work to meet those demands, they cannot afford the delays and ensuing costs incurred from a cyberattack. From basic employee training to collaboration with supply chain partners and choosing automation solutions with inherent security elements, it is possible—and critical—to reduce these threats.

References

[1] “Cybersecurity Framework Profile for Semiconductor Manufacturing,” NIST, 4 February 2025. [Online]. Available: https://www.nccoe.nist.gov/projects/cybersecurity-framework-profile-semiconductor-manufacturing.

[2] “Semiconductor Threat Report 2024 | Cyble Industry Insights,” Cyble. [Online].
Available: https://labs.cyble.com/semiconductor-threat-report.

[3] ”Manufacturing and Industrial Sectors: Top Targets for Cyberattacks in 2024,” Critical Start. [Online] Available: https://www.criticalstart.com/resources/cyberattacks-manufacturing-industrial-2024/.

[4] “Manufacturing Cybersecurity: Stats, Risks & DataGuard Solutions 2024,” DataGuard. [Online].
Available: https://data-guard365.com/manufacturing/manufacturing-cybersecurity-stats-risks-dataguard-solutions-2024/.

[5] Ibid.

[6] Ibid.

[7] Ibid.

About the Author

Picture of Brian Korn, CIM Solution Architect
Brian Korn, CIM Solution Architect
Brian is a seasoned semiconductor manufacturing and cybersecurity leader with more than 25 years’ experience. He served as the Inaugural Director of SEMI’s Semiconductor Manufacturing Cybersecurity Consortium (SMCC). Prior to joining APG, he held various roles with Intel, the most recent of which was Staff Technologist, Manufacturing Equipment Automation and Security. He holds a B.S. in Computer Information Systems and an MSIM, MS in Information Management from W.P. Carey School of Business, Arizona State University, and an M.S. in Information Management from Arizona State.
Share