The outside world is highly concerned about the recovery of computer virus infection in TSMC. TSMC explained this afternoon that the cause of the virus infection was that the new machine was operating incorrectly during the installation of the software, so the virus spread when the new machine was connected to the company's internal computer network. Case.
TSMC pointed out that it has already controlled the scope of virus infection and found a solution. By 2 pm yesterday, about 80% of the affected machines have returned to normal. It is expected that all affected machines will return to normal before August 6.
TSMC said that the company's data integrity and confidential information have not been affected, and measures have been taken to make up for this security issue, and information security measures will be further strengthened.
Mao Jinghao, director of the Zi'an Institute of Technology, accepted a visit by the Central News Agency. The computer virus infection incident of TSMC should be based on 'how the virus invades', 'why the virus spreads', and 'why the virus spread so fast' Angle cut into observation.
First of all, the virus program is only a common name. The key point is that the enterprise security problem is a human factor. Whether it is a general virus program or a malicious program, it is designed by a specific person.
In the process of setting up the new machine, there should be no virus or malicious programs. If the virus program invades, it should be further questioned. Is the operating system of the new machine itself first implanted with a virus or malicious program, or what the engineer did? Things, let the virus or malware be implanted in the new machine.
Secondly, Mao Jinghao pointed out that the spread of virus programs or malicious programs, in addition to networking, the internal network firewall isolation is not exactly implemented, the network segment is not strictly controlled security, the implementation of isolation control, is also one of the key factors.
Furthermore, virus programs or malicious programs will spread so quickly, which is against the weakness of the intranet.
Anonymous industry insiders speculate that TSMC’s virus infection caused some factories to crash, which may be caused by internal employees operating the virus invading the private cloud system in Hsinchu, through the private cloud internal computer integrated manufacturing system (CIM) dispatch system. , distributed to Zhongke and some parts of Nanke.
The Nanjing plant, where TSMC is located in the mainland, has not been implicated. This person analyzed that it is possible that the Nanjing factory's CIM and machine information are combined, but the Nanjing factory's customer data and process confidential data are also returned to Hsinchu's private company. Cloud storage, why Nanjing factory is not affected by the virus, need to know more.
Yang Ruilin, research director of the Industrial Technology International Strategy Development Institute of the Industrial Technology Research Institute, said in an interview with the Central News Agency that the situation of large-scale enterprise security systems is usually human factors. Human factors include external hacking attacks, including internal staff negligence and personnel deliberate.
Yang Ruilin said that TSMC has ruled out external hacking attacks, but it is hard to imagine that the security situation will occur in the disciplined TSMC.
Mao Jinghao said that TSMC is an index semiconductor company that implements a very solid asset security. He is surprised to see that there will be a computer virus infection incident this time.
Unnamed industry sources pointed out that it is impossible to rule out the potential attack of hackers' voices, and TSMC is the world's most important wafer manufacturer. TSMC has mastered important customers and technical secrets of the US semiconductor industry, and key equipment is also in the United States. Related to, TSMC has a close stake in the United States. In the future, whether US government agencies will send personnel to Taiwan to conduct intensive anti-invasion operations at TSMC, which can be further observed.
Observing the follow-up development of virus infection in some factories in TSMC, Yang Ruilin pointed out that this should be 'small short and long space' for TSMC. It can grasp the complex security problems to the source in one day, show the rapid response capability of TSMC, and let TSMC actually Facing the security situation and accumulating valuable experience.
Mao Jinghao said that TSMC's infection from Hsinchu to some parts of Nanke's factory was also a sign that enterprises are entering the industry 4.0 and smart manufacturing stage. At the same time, the security protection is an important issue that must be actively maintained and upgraded.