Nothing brings to light the spookily anarchic nature of the international order more than cyber warfare. It's happening all the time, in that ethereal realm of bits and bytes—poking, prodding, testing. We might picture this as state agencies tampering with other state agencies, but the reality is often far from it, as demonstrated by a recent report from cybersecurity company Proofpoint's Threat Research team (via Mynavi).
This research shows how Chinese state-sponsored cyber attackers have been targeting the Taiwanese semiconductor industry. And this in itself, I'm sure, isn't exactly news, but Proofpoint explains that this has been at an "elevated level" over the past few months:
"Despite public reporting on semiconductor targeting from China-aligned threat actors, Proofpoint directly observed only sporadic targeting of this sector. Since March 2025, this shifted to sightings of multiple campaigns from different China-aligned groups specifically targeting this sector, with a particular emphasis on Taiwanese entities."
The cybersecurity company thinks these attacks are probably attempts at espionage aimed at beefing up its own tech: "This activity likely reflects China’s strategic priority to achieve semiconductor self-sufficiency and decrease reliance on international supply chains and technologies, particularly in light of US and Taiwanese export controls."
This risk—that if China is denied or restricted access to chips, it might look to develop its own competition—isn't exactly an unfamiliar one. Nvidia CEO Jensen Huang, for one, has been banging the drum of the need to "accelerate the diffusion of American AI technology around the world" rather than block its adoption abroad. Only last week, he reportedly said that "the American tech stack should be the global standard, just as the American dollar is the standard by which every country builds on."
So, it's certainly a familiar argument. And it's one that could even have had some weight in the recent decision to allow Nvidia to start selling H20 chips to China again. (And now I hear AMD might be joining the party, too? Boy, does the world of tech move fast.)
On the other hand, none of that is strictly about semiconductors (Nvidia being a fabless enterprise, after all). And if we think tech export restrictions, tariffs, and other isolationist US strategies are at least part of what's led to big recent semiconductor investments in the US, then there might be reason to consider such espionage threats 'worth it', so to speak. Who knows what the bigwigs use to weigh up those risk calculations.
Presumably, companies migrating to the US rather than Taiwan wouldn't do anything to stop these cyber attacks, though.
The attacks in question targeted "organizations involved in the manufacturing, design, and testing of semiconductors and integrated circuits, wider equipment and services supply chain entities within this sector, as well as financial investment analysts specializing in the Taiwanese semiconductor market."
This activity likely reflects China’s strategic priority to achieve semiconductor self-sufficiency ... particularly in light of US and Taiwanese export controls.
Mark Kelly and the Proofpoint Threat Research Team
They were primarily phishing attacks, some attempting to deliver a Cobalt Strike (this being a wide-spanning pentesting tool) or Voldemort backdoor (this being a "custom backdoor written in C") and another that attempted to tunnel data out and deploy a remote monitoring and management tool on targets "deemed of interest."
Again, spooky stuff, but bear in mind these attacks, even if they were very targeted (ie, spear-phishing), were still phishing ones. Which means they require you to fall for them and download an email attachment, for instance. Though saying that, phishing attacks of this level of sophistication can be hard to spot—Proofpoint explains that one attack actor "used compromised Taiwanese university email addresses to send their phishing email to recruitment and HR personnel."
Thus we find the state of corporate espionage today. Except I guess this is state-sponsored corporate espionage, which is expected, given how intertwined with the state the corporate world is in China. Perhaps those H20s will keep the hunger for such espionage low. Somehow, I doubt it.
