Learning from TSMC: Take Action Now to Avoid Being the Next Manufacturing Virus Attack Victim

August 10, 2018

By now you may have heard that TSMC, the world’s largest semiconductor contract manufacturer was the latest victim of a virus attack that was significant enough to impact its revenue by as much as $171M(US). The company suffered severe effects to its production due to a variant of the WannaCry virus infection that impacted its computer systems and fab tools, affecting machines used to make chips and processors.

Extreme close-up portrait of a person wearing surgical mask and a hair net focused on their work.

TSMC was not the only victim, and unfortunately won’t be the last.  In 2017 Honda had to shut down production for a full day at its Sayama plant, northwest of Tokyo, which has a daily output of around 1,000 vehicles. According to the latest assessment of the World Economic Forum, the cost of cyber-crime to firms over the next five years could reach $8 trillion.

So, what can you do to avoid being the next victim? Read on to find out.

How to Protect Your Organization from Cyber Attacks

With the trend of IoT adoption on the rise, connecting plants and machines is an inevitable step if you want to stay competitive, but this doesn’t have to come at the expense of your security. When it involves the right level of security, remote connectivity can bring significant economic gains.

You need to focus on solutions that protect from both internal and external attacks. For internal attacks, as the ones that happened in Honda and TSMC, you need a solution that provides the control of all file transfers across the entire plant, supporting an internal policy that can be configured and for the system to allow full auditability.

Externally, you need to limit and control the access of third parties like system integrators (SI) and tool providers. That way, all the data passes through a centralized inspection zone allowing your organization to avoid risks of internal contamination. You need a solution that delivers secure, configurable end-to-end remote IoT connectivity across a closed, private network to allow machine owners, SIs, and OEMs to remotely collaborate in ways that improve equipment performance at every stage of the process and lifecycle while protecting valuable intellectual property (IP).

What You Can Learn from TSMC

The TSMC incident is a perfect case in point.  The published reporting of the incident mentions that the virus was infected during an OEM software upgrade – software provided by the OEM without a virus scan. Had those infected files been delivered to the OEM’s tool via an ISO/IEC 27001 certified secure software platform like Telit secureWISE™, they would have been quarantined and not allowed to be transferred to the tool.

SecureWISE gives a fab full control of how, when, and what tools can be accessed, assuring that OEMs or SIs don’t have any unauthorized direct access to production tools. Furthermore, built-in role-based access functions give the machine owners a detailed audit trail with comprehensive reporting and business analytics of all activities.

The lesson to be learned by TSMC, Honda, and others is that if you want to avoid being the next victim, you need to lock down tool access, yet allow connectivity through a robust platform like Telit’s secureWISE.

Secure Remote Access to Production Tools - Get expert help protecting against viruses and unauthorized access - Request FREE Consultation