Learning from TSMC: Take Action Now to Avoid Being the Next Manufacturing Virus Attack Victim
By Ricardo Buranello
August 10, 2018
By Ricardo Buranello
August 10, 2018
By now you may have heard that TSMC, the world’s largest semiconductor contract manufacturer was the latest victim of a virus attack that was significant enough to impact its revenue by as much as $171M(US). The company suffered severe effects to its production due to a variant of the WannaCry virus infection that impacted its computer systems and fab tools, affecting machines used to make chips and processors.
TSMC was not the only victim, and unfortunately won’t be the last. In 2017 Honda had to shut down production for a full day at its Sayama plant, northwest of Tokyo, which has a daily output of around 1,000 vehicles. According to the latest assessment of the World Economic Forum, the cost of cyber-crime to firms over the next five years could reach $8 trillion.
So, what can you do to avoid being the next victim? Read on to find out.
With the trend of IoT adoption on the rise, connecting plants and machines is an inevitable step if you want to stay competitive, but this doesn’t have to come at the expense of your security. When it involves the right level of security, remote connectivity can bring significant economic gains.
You need to focus on solutions that protect from both internal and external attacks. For internal attacks, as the ones that happened in Honda and TSMC, you need a solution that provides the control of all file transfers across the entire plant, supporting an internal policy that can be configured and for the system to allow full auditability.
Externally, you need to limit and control the access of third parties like system integrators (SI) and tool providers. That way, all the data passes through a centralized inspection zone allowing your organization to avoid risks of internal contamination. You need a solution that delivers secure, configurable end-to-end remote connectivity across a closed, private network to allow machine owners, SIs, and OEMs to remotely collaborate in ways that improve equipment performance at every stage of the process and lifecycle while protecting valuable intellectual property (IP).
The TSMC incident is a perfect case in point. The published reporting of the incident mentions that the virus was infected during an OEM software upgrade – software provided by the OEM without a virus scan. Had those infected files been delivered to the OEM’s tool via an ISO/IEC 27001 certified secure software platform like Telit secureWISE™, they would have been quarantined and not allowed to be transferred to the tool.
SecureWISE gives a fab full control of how, when, and what tools can be accessed, assuring that OEMs or SIs don’t have any unauthorized direct access to production tools. Furthermore, built-in role-based access functions give the machine owners a detailed audit trail with comprehensive reporting and business analytics of all activities.
The lesson to be learned by TSMC, Honda, and others is that if you want to avoid being the next victim, you need to lock down tool access, yet allow connectivity through a robust platform like Telit’s secureWISE.