TSMC says variant of WannaCry virus brought down its plants
Video: WannaCry ransomware: Have the lessons been learned?
Featured
TSMC said the virus that brought down its semiconductor fabrication plants was a variant of WannaCry.
The company held a press conference and outlined what it has discovered so far.
As previously stated, TSMC, a major supplier to Apple's iPhone, said a "misoperation" led to the virus. TSMC had to bring plants offline on Friday and recouped 80 percent of capacity by late Sunday. The company will take a 3 percent revenue hit.
It's been a little more than a year since the gigantic WannaCry ransomware cyber attack caused chaos across the world, hitting more than 230,000 computers in total.
ZDNet asked in May whether enterprises have learned the lessons provided by the WannaCry attack. Apparently, TSMC didn't get the memo.
Also: Ransomware: An executive guide to one of the biggest menaces on the webWhat is malware? Everything you need to know about viruses, trojans and malicious software | Security 101: Here's how to keep your data private, step by step | Ransomware: An executive guide to one of the biggest menaces on the web | What is phishing? Everything you need to know to protect yourself from scam emails and more
In its post-mortem, TSMC said a software tool was installed and wasn't isolated or confirmed to be virus-free. When that tool connected to the network the WannaCry variant led to continual reboots.
Meanwhile, the virus infected fab tools and automated materials handling systems and related systems used Windows 7 without patched software as the interface. As a result, tools were inoperable.
TSMC did say that its computer systems with production information and customer data wasn't hit by the virus.
The company added that it patched the affected systems.
Now the next question is who or what organization put the variant into TSMC.
READ MORE ON CYBER CRIME:
- WannaCry ransomware was the biggest challenge of the year, says cybersecurity centre
- Your failure to apply critical cybersecurity updates is putting your company at risk from the next WannaCry or Petya
- 6 tips to avoid ransomware after Petya and WannaCry [TechRepublic]
- Bigger than WannaCry: A giant cyber attack will happen unless we rethink security, says GCHQ