A computer virus outbreak on the evening of August 3 compromised Taiwan Semiconductor Manufacturing Co (TSMC), the world’s largest dedicated independent semiconductor foundry. The outbreak affected a number of computer systems and fab tools in Taiwan.
The virus that hit the company was in fact WannaCry, which struck unpatched Windows 7 systems in the company’s fabrication facilities. As a result of the attack, a number of factories were damaged, with the outbreak costing the company some $170 million.
More about TSMC and the Attack
TSMC, headquartered in Hsinchu, Taiwan, is indeed the largest chip manufacturer in the world, supplying chips to Apple, Qualcomm, Nvidia and AMD, among others. The company is also the sole supplier of Apple’s main iPhone processor. TSMC recently added 7-nanometer chips to its manufacturing processes. The 7-nanometer chips should appear in new mobile devices from Apple and Samsung in the months to come.
Here is what the manufacturer’s official statement said about the attack:
The degree of infection varied by fab. TSMC contained the problem and found a solution. As of 14:00 Taiwan time, about 80% of the company’s impacted tools have been recovered, and the Company expects full recovery on August 6.
Was this a targeted attack? TSMC says no. Since data integrity and confidential information haven’t been compromised, the company believes the attack wasn’t the work of a hacker.
According to CEO C.C. Wei, the attack is purely due to the company’s own negligence. Wei also said that he doesn’t think there is any hacking behavior involved.
Why were the company’s systems unpatched?
There is a logical explanation, and it is related to the so-called WannaCry kill switch. According to many cybersecurity researchers, TSMC’s fab production systems are not directly connected to the internet. This is mostly a good thing since it makes enterprise systems less vulnerable to viruses distributed via the internet.
Unfortunately, the very same thing also means that WannaCry-infected systems would not have been able to reach the so-called “kill switch”, which otherwise could have prevented a WannaCry outbreak, explains Kevin Beaumont, a U.K.-based security researcher.
The expert responsible for the effective WannaCry kill switch, Marcus Hutchins, was arrested last year by the FBI on six charges for conspiracy. Also known as MalwareTech and several other aliases, he created the special kill switch that was able to counter the dangerous attacks caused by the WannaCry ransomware.
WannaCry is still successfully compromising organizations. In March this year, a ransomware outbreak hit a small number of Boeing non-production systems. It was later reported that the ransomware in question was indeed WannaCry.
As for TSMC, the company says it is going to improve its operating procedures, and will also “continue to keep abreast computer virus trends, immediately perform appropriate anti-virus measures in its fabs and further strengthen information security”.