In the afternoon, TSMC issued a remark that the computer virus was infected in the evening of the 3rd, affecting some computer systems and factory machines in Taiwan. The degree of virus infection varies from factory to factory. The reason for the virus infection is the process of installing software on the new machine. The operation error occurred, so the virus spread when the new machine was connected to the company's internal computer network, but TSMC's data integrity and confidential information were not affected.
The director of domestic large-scale enterprises said that the machine that TSMC calls should be the machine used to manufacture the wafer. The machine that manufactures the wafer is actually driven by the computer, and the production materials are collected. Line progress, yield, etc. So the machine is not only connected to the computer, but also can be regarded as a small computer.
The director of the security department said that from TSMC's reconsideration, the virus may be mainly from the program system of the new machine. When the new machine is to be installed, the staff may not fully implement the anti-virus work, or there may be no machine to clean the virus at all. SOP. ' Ten thousand machines, as long as one is poisoned, it will infect other'. Because the machine itself is interconnected, the virus spreads quickly.
The supervisor pointed out that everyone knows that TSMC has strict control over information equipment. Employees cannot bring mobile phones, computers, and USB into the company. However, TSMC may not have the same control intensity on the machine. In short, this is newly discovered. Security vulnerability.
The supervisor said that there may be two ways to spread the virus. The first is that all three fabs have new machines installed, and at the same time operational errors. The second is between the fab and the fab. Lutong, so the virus spread from the first fab to other factories. If it is the second situation, customer confidence will be greatly affected.
As for whether it is possible that TSMC has not implemented anti-virus, but a new virus has caused trouble? The supervisor said that if there is no virus of the same kind in the world after 3 or 5 days, it is necessary to confirm whether it is a customized virus, that is, For TSMC, 'in this case, it is obvious that the specific attack on TSMC'. The rumor is a blackmail virus, but he said that the ransomware requires a network environment and is unlikely to occur in the physical isolation line.