Nation-state actors drive attack surge
This strategic targeting became evident in recent high-profile campaigns. According to the report, Taiwan’s National Communications and Cyber Security Center confirmed that China-backed APT41 infiltrated at least six semiconductor organizations in July 2025, including chip designers, foundries, and equipment makers.
“Entry was gained via a tampered software update for a widely used industrial control application, after which the actors installed cross-platform backdoors, harvested credentials, and exfiltrated hundreds of GB of IP over weeks while blending into normal encrypted cloud traffic,” Saify said.
The attackers maintained persistence for nearly two months using dual-operating-system backdoors, redundant command-and-control infrastructure, and stolen domain credentials. “This was IP-centric espionage, not disruption,” Saify explained. “Even companies that don’t make chips inherit risk through software updates and supplier links.”