TSMC cyber attack was apparently caused by WannaCry

The attack may have cost the iPhone component manufacturer up to 3% of revenues

The cyber attack on iPhone supplier TSMC was apparently caused by a WannaCry variant, the company has revealed. 

The severity of the attack caused the company to shut down some of its factories while the issue was fixed, which meant some plants were out of action for days. Although the problem has mostly been rectified now, it says it's still expecting shipments to be delayed for some time.

Advertisement - Article continues below

The virus was injected into TSMC's systems when a supplier reportedly installed infected software onto some of its machines, without running an antivirus scan. The infection then spread to other locations within the company's network in Tainan, Hsinchu and Taichung, which caused the majority of its facilities to close down temporarily. It's predicted the outage will result in 3% revenue losses for this year.

"We are surprised and shocked," the company's CEO CC Wei said in a statement. "We have installed tens of thousands of tools before, and this is the first time this happened."

But TSMC is determined to learn from its mistakes and it says it now plans to implement better safeguards against such threats in future, relying on machines and automation rather than humans to protect systems.

"We now realize it is not possible for humans not to make mistakes, so now we are inventing a new mechanism that will go online soon. The mechanism doesn't require human intervention."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

06/08/2018: Weekend virus attack may cost iPhone supplier TSMC $255m

A virus that hit chipmaker TSMC over the weekend could cost the Apple iPhone supplier $255 million.

Contract manufacturer Taiwan Semiconductor Manufacturing Co said the security incident started on Friday night, when a new tool's software installation failed, requiring it to be connected to the company's wider network, TSMC said in a statement. That let the virus spread, knocking offline an unspecified portion of TSMC's factories in Taiwan.

"This virus outbreak occurred due to misoperation during the software installation process for a new tool, which caused a virus to spread once the tool was connected to the Company's computer network," the company statement reads.

TSMC added: "The degree of infection varied by fab. TSMC contained the problem and found a solution."

The company said 80% of its production facilities were back online, with full recovery by today, but the limited downtime would cost TSMC 3% of its quarterly revenue, which the FT suggested would amount to 255 million. The company added that any shipments delayed by the outage would be made up in the final quarter of the year normally a busy period for tech hardware sales.

Advertisement - Article continues below

TSMC makes processors for the Apple iPhone but also acts as the contract manufacturer for "fabless" chip designers such as Nvidia and AMD, among many others.

Analysts told Reuters that the impact on TSMC's customers should be limited. KGI Securities predicted delays to the chips for the next iPhone launch but noted that manufacturers normally prepare a surplus anyway, so it shouldn't impact Apple's release cycle.

"Long-term, TSMC's trustworthy image is somewhat tainted but it is hard to quantify the effect now," said Mark Li, an analyst at Sanford C. Bernstein, in a report cited by Reuters. 

TSMC said customers had been notified of the incident and the new delivery schedule, adding that at no time was data at risk. "Data integrity and confidential information was not compromised," the statement said. "TSMC has taken actions to close this security gap and further strengthen security measures."

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement
Advertisement

Recommended

Visit/software/video-conferencing/355410/zoom-50-adds-256-bit-encryption-and-ui-refresh
video conferencing

Zoom 5.0 adds 256-bit encryption to address security concerns

23 Apr 2020
Visit/security/hacking/355382/whatsapps-flaw-shoulder-surfing
hacking

WhatsApp flaw leaves users open to 'shoulder surfing' attacks

21 Apr 2020
Visit/security/cyber-security/355368/microsoft-builds-ai-to-detect-security-flaws-with-99-accuracy
cyber security

Microsoft AI can detect security flaws with 99% accuracy

20 Apr 2020
Visit/security/vulnerability/355276/businesses-brace-for-second-fujiwhara-effect-of-2020-as-patch-tuesday
vulnerability

Businesses brace for second 'Fujiwhara effect' of 2020 as Patch Tuesday looms

9 Apr 2020

Most Popular

Visit/mobile/5g/355712/nokia-5g-speed-record
5G

Nokia breaks 5G record with speeds nearing 5Gbps

20 May 2020
Visit/cloud/cloud-computing/355742/microsoft-launches-public-cloud-service-for-health-care
cloud computing

Microsoft launches public cloud service for health care

21 May 2020
Visit/software/video-conferencing/355596/house-of-commons-to-ditch-zoom
video conferencing

House of Commons to ditch Zoom in favour of British alternative

11 May 2020