Whoever oversees IT for TSMC’s factories is probably in hot water right now. The company suffered from a major virus attack recently that forced it to shut down some of its factories. TSMC has now stepped up and admitted that while the cause of the shutdowns was a virus infection, the ultimate cause of that infection was unpatched Windows systems. Initially, TSMC was vague about the exact cause only admitting that the issue was an unspecified computer virus.
TSMC has stated that the specific virus that infected its systems leading to the shutdown was WannaCry, which has previously been linked to North Korea. The WannaCry outbreak that caused the factories to shut down affected unpatched Windows 7 machines running critical processes in TSMC fab facilities.
WannaCry has been a global issue for companies and that specific virus also attacked UK hospitals and left them crippled. It was said at the time that a lack of basic IT security is what allowed the hospitals to be impacted so badly. It now sounds as if TSMC is in the same boat without basic IT plans in place. Microsoft had patches to protect against WannaCry in place for over a year now.
WannaCry is a ransomware program that coaxed victims to pay money to get their encrypted files back. That ransom could only be paid in bitcoin and the hackers behind the attack cashed out over $140,000 in ransom in August 2017. TSMC was able to get its operations back online quickly enough, but the downtime will have a negative impact on its quarterly revenue of around 3%. It’s unclear if TSMC paid any ransom to get its factories back up and running.