Tag Archive for: supplier

Chipmaker TSMC says supplier hit with ransomware, CIOSEA News, ETCIO SEA


Reuters: Taiwan Semiconductor Manufacturing Co (2330.TW) said on Friday that a cybersecurity incident involving one of its IT hardware suppliers has led to the leak of the vendor’s company data.

“TSMC has recently been aware that one of our IT hardware suppliers experienced a cybersecurity incident which led to the leak of information pertinent to server initial setup and configuration,” the company said.

TSMC confirmed in a statement to Reuters that its business operations or customer information were not affected by the incident.

The chipmaker said its hardware components are usually subjected to extensive checks and adjustments, including security configurations, before being installed in its systems.

TSMC stated it remained committed to raising security awareness among its suppliers and ensuring that they comply with security standards.

The cybersecurity incident is now under investigation by a Taiwan law enforcement agency, according to TSMC.

  • Published On Jul 3, 2023 at 08:04 AM IST


Hackers Claim $70 Million Ransomware Attack on TSMC, Hits Supplier Instead



The LockBit ransomware group claims it has hacked TSMC, with TSMC stating that one of its suppliers has been breached. The cybercriminals are demanding a ransom of $70 million by August 6 and threaten to leak a considerable amount of sensitive data. TSMC told SecurityWeek that its network had not been breached, but one of its IT hardware suppliers had indeed been hacked.

“TSMC has recently been [made] aware that one of our IT hardware suppliers experienced a cybersecurity incident, which led to the leak of information pertinent to server initial setup and configuration,” a statement by TSMC sent to Tom’s Hardware reads. “At TSMC, every hardware component undergoes a series of extensive checks and adjustments, including security configurations, before being installed into TSMC’s system. Upon review, this incident has not affected TSMC’s business operations, nor did it compromise any [of] TSMC’s customer information.”

In response to the security breach and in accordance with its security guidelines, TSMC immediately ceased data sharing with the affected supplier. TSMC indicated that this is a routine procedure given the breach. At present, a law enforcement agency is investigating this cybersecurity occurrence.

“After the incident, TSMC has immediately terminated its data exchange with this supplier in accordance with the Company’s security protocols and standard operating procedures,” the foundry stated. “TSMC remains committed to enhancing the security awareness among its suppliers and making sure they comply with security standards. This cybersecurity incident is currently under investigation [and] involves a law enforcement agency.”


The notorious ransomware group published its initial threat on June 29 and gave TSMC seven days to respond; otherwise, a vast amount of sensitive information would be published. It then extended the ‘deadline’ to August 6. The group published a screenshot containing an @tsmc.com email.

TSMC claims that it did not fall victim to the cyberattack. The supplier affected by the attack is Kinmax Technology, a Taiwan-based systems integrator specializing in networking, storage, database management and, ironically, security. Kinmax…


Ransomware attack on chip supplier causes delays for semiconductor groups


Disruption from a ransomware attack on a little-known supplier to the world’s largest semiconductor equipment manufacturers will continue into March, in a new setback to chip production after years of coronavirus-related delays.

US-based MKS Instruments told investors and suppliers this week that it had yet to fully recover from a “ransomware event”, first identified on February 3, in an attack that has strained supply chains for the global chip industry.

“We’ve begun starting up the affected manufacturing and service operations,” MKS chief executive John Lee said in a call with analysts and investors on Tuesday.

MKS’s customers include many of the largest companies that produce semiconductors and the specialised equipment necessary to manufacture them, including TSMC, Intel, Samsung and ASML.

The company had revealed on Monday that it could still take “weeks” more to restore operations and would cost hundreds of millions of dollars in lost or delayed sales. Most ransomware victims are able to recover in about three weeks, according to industry estimates.

The attack affected “production-related systems” as well as critical business software, MKS said earlier this month, forcing it to suspend operations at some of its facilities. The Massachusetts-based company makes lasers, vacuum systems and other specialised equipment vital to chip manufacturing.

Lee has said the attack “materially impacted” its systems, including its ability to process orders and ship products in its two largest divisions, photonics and vacuum.

After delaying publication of its latest financial results, which were released on Monday, the company has now told the US stock market regulator that it is unable to file its annual report on time. Missing the extended deadline could result in a fine.

Its forecast of “at least” a $200mn hit to its current quarter’s revenues is about a fifth of the $1bn in sales that it had forecast before the attack. Analysts at Cowen, a broker, estimate the final impact on quarterly sales could total as much as $500mn — more than half what Wall Street had previously predicted.

“The full scope of the costs and related impacts of the incident has…


Hackers Attack UK Water Supplier, Send Ransom Demand to the Wrong Company



Hackers infiltrated the corporate side of a utility that supplies water to about 1.3 million people in the United Kingdom. However, the apparent data breach may not have been the one the cyber-criminals were aiming for.

Ransomware gang ClOP (previously responsible for one of 2021’s biggest hacks) claimed to have infiltrated Thames Water, the United Kingdom’s largest drinking water utility, on Monday, according to a report from Bleeping Computer. However, the utility denied any breach of its system. Meanwhile, another UK utility, South Staffordshire Water, confirmed it was attacked.

Thames Water services 15 million people, more than ten times the scale of South Staffordshire. So, although any attack on a public utility is clearly bad, there’s a big difference between the scale of what ClOP claimed and what utilities copped to.


Hackers’ Claims Against Utilities

South Staffordshire PLC (the parent company of South Staffordshire Water) admitted its corporate IT network had been accessed by hackers, in a public statement published Monday. However, SSW didn’t indicate that they’d been contacted for ransom. “We are experiencing disruption to our corporate IT network and our teams are working to resolve this as quickly as possible. It is important to stress that our customer service teams are operating as usual,” the company wrote. The water provider further claimed that “this incident has not affected our ability to supply safe water.”

Aside from the company statements, evidence of the reported cyber-criminal confusion appeared in screenshots that Bleeping Computer published from ClOP’s Tor site. The cyber gang reportedly wrote that they had breached and “spent months in” Thames Water’s system. However, to back up their hack success, they posted email lists clearly associated with South Staffordshire Water (not Thames)…
