Chip Giant TSMC Struggles With Virus Infections at its Factories

Many of the tech products launching this fall might have just run into production setbacks. From a report: Giant chip manufacturer TSMC has warned that several of its fabrication plants suffered virus infections on August 3rd, disrupting production. Some of these plants recovered in a "short period of time," it said, but others wouldn't resume business as usual for "one day." The company dismissed claims that this was a hack, but didn't initially provide details about the virus or the potential infection path. TSMC promised more information on August 6th.

not a hack

[iamagloworm]

just china sending a message

Re:not a hack

China doesn't attack Taiwan, you dumb-ass... It would be like Washington declaring war on Puerto Rico or something. This was the corrupt NSA or CIA, nothing else.

Re: not a hack

[tanghunterpoon]

My, you really ARE stupid...

Ditch Windows!

C'mon, folks. Ditch Windows already!

Re:Ditch Windows!

[DontBeAMoran]

Instructions unclear, birds flying in my house.

Re:Ditch Windows!

[HiThere]

You don't know that. It could have been an attack using Meltdown or Spectre, which is indifferent to the OS you are using. Why didn't you say "Ditch Intel", that would make as much sense.

Perhaps we'll have better info tomorrow.

Re:Ditch Windows!

[Tough+Love]

You don't know that.

You do know that. The few and far between cases where Linux gets exploited tend to receive gleeful and widespread press coverage of the name and shame kind. Causing Linux guys to double down and work twice as hard to make that not happen again. Never perfect, but undeniably damn good.

When the exploit vector isn't named in the article, you know damn well what it was.

Re:Ditch Windows!

[HiThere]

It's a reasonable guess, but it's a guess.

Re:Ditch Windows!

[Tough+Love]

It's a reasonable guess, but it's a guess.

It is a guess, but it's a damn good guess.

Re:You mean Murica? Or Russia?

[DontBeAMoran]

I'm not saying it was America, Russia or China...

but it was aliens.

A bunch of phone manufacturers are happy!

[williamyf]

I am certain that this is a small glitch, and will be resolved quite fast.

But nonetheless, it will serve as the perfect excuse for all sorts of manufacturers to either justify that the phones arrived late masking their own incompetence, or to slightly jack up the prices...

Ah, good times!

Re: A bunch of phone manufacturers are happy!

Except that you can't renegotiate a contract based solely on incompetence.

Go into work and tell your manager you can't get your work done "cuz viruses". Notice how you don't get an award and a raise. Further notice how you're out looking for a new job now.

Re: A bunch of phone manufacturers are happy!

I believe that in the case you suggested the "cuz viruses" might mean you caught a cold or influenza or one of those pesky virii that does not go away. Even in the Fascist States of America I do not think you can be sent off to look for a new job for being sick ... (however, in these modern days, who knows)

Re:A bunch of phone manufacturers are happy!

[Tough+Love]

Given a choice between malware outbreak and killer multi-patterning issues I would take the malware outbreak every time. But I would also instantly ban Windows inside the corporate perimeter, it's a simple cost benefit thing. Lord help them if they store primary engineering assets on Windows machines.

It only took a single full day meltdown for the London Stock Exchange to learn this lesson.

Re: A bunch of phone manufacturers are happy!

Are you living in employment freedom state, commonly call at will employment. Your boss can fire you for any or no reason whatsoever.

Re:A bunch of phone manufacturers are happy!

According to Techcrunch the TSMC virus episode was a vicious attack from China

Re:A bunch of phone manufacturers are happy!

[Tough+Love]

According to Techcrunch the TSMC virus episode was a vicious attack from China

Not quite right. According to Techcrunch, cyber attacks from China have been increasing. Not a surprise. But Techcrunch did not directly finger China for this one. Even if the Chinese government did it, which seems totally plausible, TSMC shares part of the blame for allowing Windows machines get on their network. Totally unbelievable for IT to be unaware that Windows is the primary attack surface.

To be sure, many or most of those IT guys are Windows sysadmins with a vested interest in keeping the status quo no matter what the cost to the company. Execs should get out of bed and show those guys the door immediately. (Google let them stay and retrain after the Chinese gov got caught penetrating Googleplex by way of Windows. Now you have to get approval from a VP to put a Windows machine on the network. Google does their business on Ubuntu and MacOS now.)

Industrial Strenght

[B.Stolk]

Lemme guess... ms windows?

Maybe a shop like that should always run an industrial strength OS?
(Read: Unix)

Re: Industrial Strenght

Maybe you should find a way to offer useful products on systems that run on Unix-related OSes.

Re: Industrial Strenght

When people say Unix they usually mean Linux. None of these are industrial strenght. If the claim is that virus-free OSes are industrial strenght then I'll gladly write you an OS.

My OS will naturally have no viruses, so it will definitely be industrial strenght.

I used to have Ubuntu Server on my big metal rig over here but it was so ridiculously unreliable that I had to remove it and reinstall Windows 10.

Re: Industrial Strenght

LOL. What a horrible troll attempt,

Re: Industrial Strenght

[astrofurter]

"big metal rig"

Is that like a lathe, or an oil drilling platform, or something?

Re:Industrial Strenght

[DontBeAMoran]

My home shop runs on MS-DOS and my work files are plain text files.
No Windows, no random executables, no networking, no problems.

First clue was

AC/DC playing in the background

Who does control you?

Inmho, the backdoors, the spectre/meltdown variants, the cyberweapons that had the U.S. three letter agencies, etc. could be the responsible of facilitating the infections of viruses in the factories of TSMC.

I remembered it, https://en.wikipedia.org/wiki/...

My new question is: why is TSMC being attacked?

Re:Who does control you?

Inmho, the backdoors, the spectre/meltdown variants, the cyberweapons that had the U.S. three letter agencies, etc. could be the responsible of facilitating the infections of viruses in the factories of TSMC.

I remembered it, https://en.wikipedia.org/wiki/...

My new question is: why is TSMC being attacked?

Give me a break. The problem is that they have these machines on the internet for some unknown reason, and even worse, they seem to be running Windows.

Anyone that has ever done any kind of sysadmin work knows that a machine plugged into the internet is under attack all the time.

Re:Who does control you?

They are probably not being attacked.

They probably managed to get Conficker or the Martina Nataralova virus, or maybe even the Monkey virus.

And it probably has nothing whatsoever to do with "who they are" but rather "how they do things".

Probably Intel

Who are butthurt that they can't reach 7nm in time.

Mission critical?

[Teun]

Mission critical ops on Windows???
As shareholder I'd consult a lawyer.

Re:Mission critical?

[gweihir]

Good luck with that. This practice is as demented as it is widespread.

Corporate sabotage?

[WorBlux]

Is someone over at Intel getting desperate?

USB Drives and Outdated Windows Installs

These factories, and broadly most factories making tech components, run a mishmash of ancient, unpatched copies of Windows, Linux, embedded systems, and PLCs together on a network mostly isolated from the internet. They end up getting contaminated by employees inserting USB drives and installing dictionary software or simply updating industrial software using their dirty drives from home. So itâ(TM)s not likely a cyber attack. Or if it is, itâ(TM)s one deployed in person.

My company worked in one such factory with QSMC (thus anon posting) and our machine got hit with nasty trojans and viruses so many times that eventually we epoxyed caps on all external USB ports and threw a lock on the case. Only then would the machine last more than a month without getting choked out by malware.

Now we only use windows PCs for prototyping and deploy as many locked down embedded systems as we can. Weâ(TM)re also migrating to Linux PCs because other manufacturers (not QSMC) are so tired of this shit that theyâ(TM)ve stopped allowing Windows in their factories at all.

Re: USB Drives and Outdated Windows Installs

Most fabs in the states have instituted a no-USB policy and theyâ(TM)ll walk you offsite if they catch you breaking it.

Re:USB Drives and Outdated Windows Installs

[Tough+Love]

Wow, it is posts like yours that make it worth wading through all the sludge.

Now we only use windows PCs for prototyping

Right, a lot of good engineering software runs only on Windows, but you don't need a Windows PC to run it, virtualization is highly effective and seamless these days. You do need a Windows license but only the most basic and the cost is trivial.

Beyond that, a lot of engineering tools come from small coding shops. Just pay for a Linux port. The big boys are already on Linux (BTW, more than a little interesting that ARM shows up in the selected support category.)

Re:USB Drives and Outdated Windows Installs

[guyniraxn]

You are correct in the mish-mash of operating systems found on semiconductor tools in production. Though TSMC has very strict policies against USB drives being used in their fabs. Getting caught with one as a contractor means being banned from all TSMC fabs for life. Employees have more leeway but they do need to justify why they would be using one at all. It is more likely something that was spread over the network as all tools are connected for automated host control. Keep in mind, there are still semiconductor capital equipment makers shipping new tools running Windows XP.

Noobs. US professionals aren't caught...

... inserting dopant-level hardware trojans.

Yes, that actually is a thing, nowadays.
*Throws everything out of the window*

The website is down

[Gabest]

Somebody clicked the "Recompute Base Encryption Key Hash Button" ... FAKE A VIRUS ATTACK!

Re:So proud of our country

[K.+S.+Kyosuke]

What, Air Force One doesn't have a bar?

Re:So proud of our country

Putin uses his KGB minions to attack US assets like TSMC in favor of Russian Chipmakers.

More likely an Israeli chip maker attacking an adversary who was recently announced to be the producer of server chips that beat it on TDP and performance.

Virus Infections?

What are doing, running Windows on their machines that they use to get work done?

That seems retarded.

Re:So proud of our country

[WindBourne]

TSMC is NOT US, but Taiwan.

Re:So proud of our country

[greenwow]

What's wrong with Gary Busey? He's a national treasure.

Re: So proud of our country

[astrofurter]

President Donald J TRUMP kicked my dog!!

Exactly

[ArchieBunker]

Some idiot probably opened an email attachment and hello ransomware!

Re:Exactly

[Tough+Love]

Some idiot running Window probably opened an email attachment and hello ransomware!

FTFY. You know it's true.

Re: Exactly

[CaffeinatedBacon]

In Windows, you probably didn't even need to open the attachment.

Re: Exactly

[DontBeAMoran]

In fact, with the latest version of Windows the security is so bad that you don't even need to receive the infected email!

Re: Exactly

In America without net neutrality you have to pay extra to receive the email and then pay even more for the patch to fix it.

I say patch but it's really just moving the holes around a bit.

Obligatory ditch Windows comment

[Tough+Love]

Obligatory: ditch Windows for Linux or at least MacOS inside the corporate perimeter like Google did. Whatever the perceived value of Windows, it just is not worth the never ending parade of fiascos such as this.

It's probably China

[DMJC]

Most likely the hack was being done by the Chinese government looking to catch up on CPU manufacturing technology. Taiwan operates as an independent nation and the Chinese have made it very clear that they intend to retake the island and are putting plans in motion to make it happen. Economic warfare against Taiwan by mainland China makes sense. Additionally China has made massive leaps in catching up to the USA with CPU manufacturing but is still behind on die process. Hacking TSMC would give the Chinese CPU designers a leg up.

Re:It's probably China

or Intel, since they are now so far behind on the nm race

Re:You mean Murica? Or Russia?

Intel's alien fanbois

Re: So proud of our country

C'mon Windy, everyone knows Taiwan is a part of the USA.

How fucking stupid can you be?

Most likely the hack was being done by the Chinese government looking to catch up on CPU manufacturing technology

No one can outmatch you on stupidity

Huawei, reportedly 'the spy company working for Chicom's PLA', needs TSMC to fab its Kirin cpu.

What good does it do for China if TSMC shuts down, bringing along Huawei, plus hundreds of other fabless joints from China?

Re: So proud of our country

Taiwan and Korea are both part of America. That's why Americans complain about the trade deficit with China but never give a second thought to the trade deficit with those 'countries'.

Windows got Viral ?

[stooo]

Go with Windows, Get Virus....
Get a Penguin, boost your engine.