• Directory of Taiwan

China compromised Taiwan chipmakers in hack of Dutch tech firm

Dutch media reports 'Chimera' espionage op targeting NXP also compromised 7 Taiwanese firms

(Pexels, Timo Miroshnichenko photo) 

(Pexels, Timo Miroshnichenko photo) 

TAIPEI (Taiwan News) — A series of cybersecurity investigations conducted in the Netherlands revealed that a Chinese hacking operation compromised the intellectual property of at least seven Taiwanese chip manufacturers over a multi-year operation.

In a report published on Nov. 24, Dutch newspaper NRC details a multi-year hacking and surveillance operation by a group known as "Chimera," which targeted the Dutch chip company NXP. The operation was only discovered in early 2020 when another Dutch company, KLM-owned Transavia, traced a breach in their online security to NXP’s servers.

In the course of a years-long investigation by cybersecurity firm Fox-IT and Dutch intelligence agencies, it was also discovered that at least seven Taiwanese chip makers had intellectual property compromised by the same threat actors, reported NL Times. The timeline would likely place the potential theft of Taiwanese firms' intellectual property between 2018 and early 2020.

The reports do not name which Taiwanese companies had data compromised by the Chimera hacking group. However, it is assumed that the information was gleaned via the firms’ involvement and communications with NXP.

Information on the operation was kept secret from the public by Dutch authorities and cybersecurity agencies for years. According to the General Intelligence and Security Service of the Netherlands, the Chimera group has been identified as a Chinese state actor with a high degree of confidence.

While NXP claims that the group did not do any material damage, they were able to surveil sensitive data on chip manufacturing technology for at least two years. After gaining access to the company’s servers, the hackers reportedly frequently checked for updates and used cloud services such as Google Drive, Microsoft OneDrive, and DropBox to save information.

The extent of the data that was leaked is not completely known, however the group’s access to Transavia and NXP servers was reportedly cut off in the spring of 2020. Innovation Origins reports that the Chimera group was most interested in chip designs and mailboxes full of sensitive personal information.