Semiconductor Company Implements Deception to Stop Man-in-the-Middle Attacks
Technology Category
- Cybersecurity & Privacy - Intrusion Detection
- Cybersecurity & Privacy - Security Compliance
Applicable Industries
- Semiconductors
Applicable Functions
- Business Operation
Use Cases
- Intrusion Detection Systems
Services
- System Integration
- Training
The Challenge
The organization had been infiltrated by a Chinese hacker group using a man-in-the-middle attack that bypassed its prevention systems and exfiltrated critical data. The security organization was instructed to improve its detection capabilities and get more reliable insight into threats that may steal credentials or use social engineering to penetrate the network. They needed a solution that could detect subtle, in-network attacks as well as phishing attempts and advanced threats. The biggest challenge the organization faced was manpower. In addition to the numerous alerts generated by their prevention and other security devices, the infosec team was receiving 45-50 suspicious emails a day. The team was so heavily burdened that it was rarely able to work through the backlog and investigate all of the potential threats it was alerted to.
About The Customer
A global semiconductor manufacturer faced significant cybersecurity challenges, particularly from a Chinese hacker group that had successfully executed a man-in-the-middle attack, bypassing existing prevention systems and exfiltrating critical data. The company needed to protect its intellectual property and improve its detection capabilities to identify and respond to subtle, in-network attacks, phishing attempts, and advanced threats. The infosec team was overwhelmed with numerous alerts and suspicious emails, making it difficult to investigate all potential threats. The company required a solution that could provide reliable insights into threats, reduce false positives, and enhance their overall security posture across multiple locations worldwide.
The Solution
To ensure full coverage, the organization deployed the Attivo ThreatDefend Deception and Response Platform on all the VLANs in their network, specifically to detect man-in-the-middle and lateral movement attacks. The infosec team also took full advantage of the analysis engine provided by the ThreatDefend Platform to correlate attack information more efficiently and to produce forensic reporting. In addition, they automated the phishing email analysis process, providing a consistent way to analyze suspect emails and ensuring that all submitted samples are analyzed. The team was also able to gain control of their alert volume, since the Attivo solution's alerts were all based on engagement and each represented either a threat or a misconfiguration that could become an attacker entry point. Because the organization has many locations, they needed a solution that could protect networks that are physically very far apart. Using virtual versions of the ThreatDefend solution, they deployed deception technology across offices in three different countries spanning two continents to cover their manufacturing, design, and management offices. Given the efficiency of this solution, deployment was fast and did not require additional staff to operate a global deployment.