Tag Archives: swks

Chinese ZTE Sanctions Over Iran Sales Could Hurt Apple Chipmakers

A new U.S. export ban against Chinese mobile gear maker ZTE related to its under-the-table sales to Iran could hurt  Apple ( AAPL ) chip suppliers Qualcomm ( QCOM ), Qorvo ( QRVO ) and Skyworks Solutions ( SWKS ), a Pacific Crest analyst wrote Wednesday. Regulators imposed the sanctions Tuesday, alleging that ZTE used four shell companies in China and Iran to “illicitly re-export controlled items to Iran in violation of U.S. export control laws.” The ban prohibits U.S. companies from selling to ZTE. Chinese foreign minister Wang Yi opposed the sanctions, saying that ZTE’s tech purchases support thousands of U.S. jobs, according to the AP. Chipmakers Cavium ( CAVM ), Integrated Device Technology ( IDTI ), Silicon Laboratories ( SLAB ) and Xilinx ( XLNX ) also sell to ZTE. “This approach will only hurt others without necessarily benefiting oneself,” Yi said at a new conference Tuesday. ZTE isn’t banned from selling products in the U.S. but cannot procure components from U.S. companies. U.S. firms can apply for an export license, but Pacific Crest analyst John Vinh sees the government unlikely to grant them. The development could shuffle the smartphone market. ZTE owns about 4% of the global smartphone market, Vinh wrote. Industry tracker IDC says that ZTE competes alongside Xiaomi and Huawei in the low-end to midrange smartphone market, vs. No. 1 smartphone vendor Samsung. Vinh expects short-term effects on chipmakers to be “negligible.” Longer term, he says that ZTE could lose share to Huawei, Ericsson ( ERIC ), Alcatel-Lucent ( ALU ), Nokia ( NOK ), Siemens ( SIEGY ), Xiaomi, Oppo and Lenovo. “Alternatively, ZTE could conform to the U.S. embargo list, which could result in sanctions being lifted,” he wrote. Xilinx is most at risk, with 3%-3.5% of total revenue stemming from sales to ZTE, Vinh estimates. Silicon Labs follows with 2%-2.5% of total revenue wrapped in ZTE sales. IDT, Qualcomm and Qorvo are each 2% tied to ZTE, Cavium 1%-2%, and about 1.5% of Skyworks’ sales stem from the Chinese smartphone maker. Wall Street largely yawned Wednesday, however. Midday on the stock market today , only Qualcomm stock was down, dipping a fraction. Cavium stock was up a fraction. Shares of Qorvo, Silicon Labs, Skyworks and Xilinx were all up more than 1%. Integrated Device Technology stock was up more than 2.5%.

Samsung Galaxy S7: Qualcomm, Qorvo Displace Cirrus Logic, Broadcom

Apple ( AAPL ) supplier Qualcomm ( QCOM ) quintupled its content in the Samsung Galaxy S7 smartphone as radio frequency-chipmaker  Broadcom ( AVGO ) repeatedly lost share to rival Qorvo ( QRVO ), a ChipWorks teardown  shows. The ChipWorks teardown was last week, but it was highlighted in a research report Monday by Needham analyst Rajvindra Gill. InvenSense ( INVN ), another Apple supplier, apparently lost the GS7 gyroscope to STMicroelectronics ( STM ). InvenSense stock was down 1.5% in midday trading on the stock market today . STMicro stock was up a fraction. Three  Skyworks Solutions ( SWKS ) chips were completely replaced in the GS7. Key winners in getting their chips inside the new phone, besides Qualcomm and Qorvo, included  NXP Semiconductors ( NXPI ) and Maxim Integrated Products ( MXIM ). Although Broadcom retained a power amplifier, rival Qorvo swiped two Broadcom components from the GS7. But Broadcom replaced a Skyworks multiband module (a power amplifier). Last week, Broadcom CEO Hock Tan bragged that the chipmaker has increased its content by 20% every year for its “North American customer,” which analysts said is the Apple iPhone, and that another bump is expected with the release of the next iPhone, the iPhone 7, due out in September. Meanwhile, though, Broadcom is de-emphasizing its mobile unit, which will comprise 23% of Q2 sales, down from 32% in Q1, as smartphone shipments slow amid a saturated market. Samsung lowered its own chip content in the GS7 vs. the GS6. Qualcomm took four chips (including the application processor) from Samsung and replaced Cirrus Logic ( CRUS )/Wolfson on an audio chip. SK Hynix, NXP and Maxim each replaced a Samsung component. But Samsung swapped STMicroelectronics’ touch controller in the GS6 for its own controller in the GS7. And Texas Instruments ( TXN ) lost the wireless power receiver to Integrated Device Technology ( IDTI ).

Hackers, Insiders Can Threaten M&A Activity, Say IBM, Fortinet

Chinese hackers had already roamed Nortel’s systems for nearly 10 years when, five years after the breach discovery, business communications firm Avaya acquired bankrupt Nortel Enterprise Solutions — and, unknowingly, also acquired that company’s attackers. That was a bellwether moment for the M&A world, says Caleb Barlow,  IBM ( IBM ) vice president of security. Until then, an acquisition target’s cybersecurity situation wasn’t a box on the usual M&A checklist. “It was the moment everyone in the M&A community woke up,” Barlow told IBD. “They said, ‘We better be looking at their security posture as well, otherwise you could not only legitimately acquire the company, but also the attacker.” As Barlow recounts, Nortel’s downfall came down to seven passwords, including the chief executive officer’s. Hackers with Chinese IP addresses gained access to Nortel’s network as early as 2000 and so thoroughly dug in that they weren’t discovered until 2004. Avaya, which acquired that Nortel business for $900 million in 2009, didn’t learn of the breach until after its acquisition closed. And even then, the hackers were still entrenched in the system. “No one had really thought about this type of problem before because cybersecurity wasn’t one of the normal things you’d think about in the M&A process,” Barlow said. “In my view, it’s now a critical component.” Quantifying Risk In A Bidding War Consulting firm Deloitte found 70% of 2,500 firms surveyed in 2015 considered security to be a “high” or “very high” priority in M&As. That’s up from 64% in 2014. Both corporate and private equity respondents increased their due diligence efforts over the span of the year. But also in the 2014 Deloitte survey, 78% of firms said security wasn’t a general piece of M&A due diligence, and 66% said rapid-fire M&A bidding made cyber risks “very difficult” to quickly quantify. Deloitte didn’t reiterate those questions in its 2015 survey. Rapid-fire M&As include  Apple ( AAPL ) chip supplier Skyworks Solutions ( SWKS ) and Microsemi ( MSCC ) last year facing off in a month-long bidding battle for PMC-Sierra ( PMCS ). Due diligence might or might not have been rushed in that deal, but such aggressive bidding wars are infrequent, Fortinet ( FTNT ) CFO Drew Del Matto told IBD. More often, an acquirer examines a target’s products, financials, policies and systems. IT security is just a new layer of the necessary due diligence. This mindset is new, and there are built-in risks with every piece of due diligence, NSS Labs CEO Vikram Phatak says. NSS Labs independently tests and reports on the efficiency of cybersecurity products, similar to Consumer Reports. It’s likely an acquirer has “a really good handle on the debt the company will have, the expense structure of the company, the historical growth rates,” he told IBD. “Where you get a little sticky is they may not have time to do all the (security-related) due diligence by calling the customers.” Cybersecurity works along the same lines, Phatak says. Tech companies, especially, should have a keen understanding of the security measures in place, BitSight CEO Stephen Boyer told IBD. BitSight rates the cybersecurity posture of about 40,000 companies, similar to a FICO score, so customers can assess their own security risk but also the risks of potential or current partners, vendors and customers. “If you go in and say, ‘Who’s in charge of this (security)?’ and everyone looks around, then you probably have a problem,” Boyer said. Avoiding Post-Merger Slip Even including cybersecurity within due diligence isn’t a surefire protection, Boyer said. Former telecom provider Pacnet discovered a breach on April 3, 2015, after Telstra finalized its $697 million acquisition of Pacnet. Telstra was notified on April 16 — the day the merger completed. An SQL code injection on a Pacnet Web service application server opened hackers to the network, email and administrative processes. Acquirers should be “monitoring that window of due diligence up until the week the deal closes,” Boyer said. “Monitor it all through the process, because there would be a slip-up along the way.” Before signing off on a merger, an acquirer should get a sense of the target’s cybersecurity culture, Barlow says. Examine past incidents — processes, logs and reports. if those documents aren’t available, then there might be a problem. That goes double for a tech company. “If they don’t have those policies in place, then you start asking other questions,” Barlow said. “If they weren’t paying attention to security, what else weren’t they looking at?” Phatak suggests acquirers also scope out a target’s security vendors. Not every cybersecurity vendor is built the same and the quality of a target’s security purchases can be very telling, he told IBD. “Make sure the company you’re acquiring didn’t skimp on security,” he said. “(Products) are not all equal, but from a compliance perspective, a check-box perspective, they all look the same.” Breaches From The Inside Del Matto estimates two-thirds of breaches come from the inside, at the hands of either careless or disgruntled employees. M&A, often accompanied by layoffs, can breed the latter. “When people feel like they’re at risk, they’re more likely to do something that may expose the company to a cyber risk,” Del Matto said. More benign actions, like inadvertently visiting an infected website, can lead to malware attaching on the system. But Del Matto is more concerned about the damage a disgruntled employee with absolute access can wreak. Barlow suggests a company identify its “crown jewel” and then tuck it into a protected place with limited access. That crown jewel could be IP, financial information, client lists, personal information — basically anything worth stealing, Phatak told IBD. “If someone is able to get into the customer list, they could see what deals are in the (pipeline),” Del Matto said. “They may monetize those by selling them or, worse, leaving the company with those lists in their hands.” Beyond guarding that data, an M&A-engaged company should embrace employees into the new culture, he said. Because, “when you buy a company, you buy a competitive advantage. If that leaks out in some other way, you’re destroying the value of the M&A.”