[BreachExchange] TSMC says variant of WannaCry virus brought down its plants

[Destry Winant]

https://www.zdnet.com/article/tsmc-says-variant-of-wannacry-virus-brought-down-its-plants/

TSMC said the virus that brought down its semiconductor fabrication
plants was a variant of WannaCry.

The company held a press conference and outlined what it has discovered so far.

As previously stated, TSMC, a major supplier to Apple's iPhone, said a
"misoperation" led to the virus. TSMC had to bring plants offline on
Friday and recouped 80 percent of capacity by late Sunday. The company
will take a 3 percent revenue hit.

It's been a little more than a year since the gigantic WannaCry
ransomware cyber attackcaused chaos across the world, hitting more
than 230,000 computers in total.

ZDNet asked in May whether enterprises have learned the lessons
provided by the WannaCry attack. Apparently, TSMC didn't get the memo.
See also: Ransomware: An executive guide to one of the biggest menaces
on the web

In its post-mortem, TSMC said a software tool was installed and wasn't
isolated or confirmed to be virus-free. When that tool connected to
the network the WannaCry variant led to continual reboots.

Meanwhile, the virus infected fab tools and automated materials
handling systems and related systems used Windows 7 without patched
software as the interface. As a result, tools were inoperable.

TSMC did say that its computer systems with production information and
customer data wasn't hit by the virus.

The company added that it patched the affected systems.

Now the next question is who or what organization put the variant into TSMC.