Tue, Aug 07, 2018 - Page 12 News List

TSMC says fully recovered from virus

UPDATING PROCEDURES:Chief executive officer C.C. Wei said the incident was due to a failure to follow protocol, not a cyberattack, internal breach, or USB sabotage

By Ted Chen  /  Staff reporter

Taiwan Semiconductor Manufacturing Co chief executive officer C.C. Wei speaks at a news conference in Taipei yesterday.

Photo: Wang Yi-sung, Taipei Times

Taiwan Semiconductor Manufacturing Co (TSMC, 台積電), the world’s largest contract chipmaker, yesterday said that it has fully recovered from a computer virus that struck the company on Friday evening last week.

Projected costs arising from the incident have been lowered to 2 percent of this quarter’s revenue, down from a previous forecast of 3 percent on Sunday, TSMC told a news conference at the Taiwan Stock Exchange in Taipei.

Gross margin would fall by 1 percentage point due to the cost of remedying the disruption to production, the company said.

TSMC had previously forecast revenue of US$8.45 billion to US$8.55 billion for the third quarter, meaning losses would range from US$169 million to US$171 million, while gross margin is expected to be between 47 and 49 percent this quarter, down from its earlier guidance of 48 to 50 percent.

TSMC confirmed that the virus, which affected its fab tools, was a variant of the WannaCry ransomware worm.

TSMC said the incident occurred when new equipment was installed and connected to the company’s private network without first being scanned in an isolated system and cleared of viruses.

The WannaCry worm, which is known for its ability to spread rapidly, infected other fab tools at other plants via the company’s private network, TSMC said.

The advanced 7-nanometer fabs took the longest to recover from the virus, it said.

“The incident was caused entirely by a failure to follow protocol,” TSMC chief executive officer C.C. Wei (魏哲家) said, denying rumors it was a targeted cyberattack, the work of an internal agent or an act of sabotage via a USB drive.

Wei said the company has not received any ransom demands and none of its data were encrypted by the virus.

“We are in the process of revamping our security protocols, which would remove the possibility of such an error recurring,” Wei said, adding that the new system would be hardwired to block unverified nodes from connecting to the company’s private network.

“We do not expect these security upgrades to greatly affect operating expenses,” Wei said.

It is difficult to ensure that all of the company’s Windows 7 machines have been updated with the latest security patches, as the process requires collaboration with equipment suppliers and can only be performed during downtime, he said.

Wei declined to identify the fab tool that was initially affected, or its supplier, and whether TSMC would pursue legal recourse.

“We have installed tens of thousands of fab tools,” Wei said, adding that it is not normal for tools that have come straight out of the box to carry viruses.

“Our sole priority right now is to maintain clear communication with customers,” Wei said.

TSMC would not be exposed to breach of contract penalties from delayed shipments, chief financial officer Lora Ho (何麗梅) said.

Insurers only offer protection products for losses resulting from theft of customers’ personal data, a situation that does not apply to the TSMC incident, Ho said.

TSMC shares yesterday dipped 0.61 percent to NT$245.5 in Taipei trading.

This story has been viewed 4443 times.

Comments will be moderated. Keep comments relevant to the article. Remarks containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned. Final decision will be at the discretion of the Taipei Times.

TOP top