Anyone else remember when Colonial Pipeline was attacked? The "ransomware as a service" platform[0] stepped in to say "oops, sorry, never mind" when they realized they'd attracted more attention than they were prepared for[1]:<p>> We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives.<p>> Our goal is to make money and not creating problems for society.<p>> From today, we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.<p>This one isn't causing immediate disruptions to regular people in the US, but it's still geopolitical-level meddling. If you want to run around mugging people, it's best to avoid robbing the police chief's best friend.<p>[0] <a href="https://www.state.gov/darkside-ransomware-as-a-service-raas/" rel="nofollow noreferrer">https://www.state.gov/darkside-ransomware-as-a-service-raas/</a><p>[1] <a href="https://www.theverge.com/2021/5/10/22428996/colonial-pipeline-ransomware-attack-apology-investigation" rel="nofollow noreferrer">https://www.theverge.com/2021/5/10/22428996/colonial-pipelin...</a>
TSMC says they were not breached through Kinmax - only Kinmax was breached.<p><a href="https://www.bleepingcomputer.com/news/security/tsmc-denies-lockbit-hack-as-ransomware-gang-demands-70-million/" rel="nofollow noreferrer">https://www.bleepingcomputer.com/news/security/tsmc-denies-l...</a>
>LockBit targeted TSMC through one of its suppliers, Kinmax Technologies, an IT services provider specializing in networking, cloud computing, storage, security, and database management.<p>The bit about security is ironic.
I'm curious what the real goal is with demands like this.<p>Surely, given the size of the demand, it is beyond the authority of TSMC to pay up, even _if_ they wanted to?<p>I imagine governments and authorities with any sort of stake in what could possibly be done with such a sum of money (it's unlikely to be used for Good, right?) would have an oversized say in whether or not they are allowed to pay it?<p>Is there recent precedent for ransoms of this size being paid?<p>What kind of data could they actually have "stolen" that's worth TSMC paying up $70M, rather than just writing it off?
>“Upon review, this incident has not affected TSMC’s business operations, nor did it compromise any TSMC’s customer information. After the incident, TSMC has immediately terminated its data exchange with this concerned supplier in accordance with the Company’s security protocols and standard operating procedures,” the company’s spokesperson told Cybernews.<p><a href="https://cybernews.com/news/tsmc-data-breach-lockbit/" rel="nofollow noreferrer">https://cybernews.com/news/tsmc-data-breach-lockbit/</a>
A cyber ransom demand at one of the most important companies in the world, a lynchpin of digital manufacturing is not reassuring at all. Can their security really be that bad?
>this incident could potentially disrupt the supply of semiconductors and impact GPU prices. The global chip shortage has already led to increased prices and limited availability of GPUs. A disruption at TSMC could exacerbate this issue, potentially leading to further price hikes in the market for GPUs.<p>This is a non-sequitr. Yes there was a cyberattack, but you presented no evidence as to how this could affect chip production besides giving a bunch of anecdotes to what a disruption would do. The rest of the article is informative but I just didn't understand this part.
I immediately think about what motivation China would have to do or not do something like this. As they get shut out of semiconductor technology and don’t actually have any real control over Taiwan, it seems like there is no downside other than not wanting to get caught.
At least three of their Annual Reports indicates they knew of the risk of attack.<p>Has there been any Ransomware Attacks that don't involve Windows machines?<p>"Risks Associated with Cyber Attacks<p>Even though TSMC has established a comprehensive internet
and computing security network, it cannot guarantee
that the Company’s computing systems which control or
maintain vital corporate functions ,such as its manufacturing
operations and enterprise accounting, would be completely
immune to crippling cyber attacks by any third party to
gain unauthorized access to its internal network systems,
to sabotage its operations and goodwill or otherwise. In
the event of a serious cyber attack, TSMC’s systems may
lose important corporate data and its production lines
may be shutdown indefinitely pending the resolution of
such attack. While TSMC also seeks to annually review and
assess its cybersecurity policies and procedures to ensure
their adequacy and effectiveness, it cannot guarantee that
the Company will not be susceptible to new and emerging
risks and attacks in the evolving landscape of cybersecurity
threats. These cyber attacks may also attempt to steal TSMC’s
trade secrets and other intellectual properties and other
sensitive information, such as proprietary information of the
Company’s customers and other stakeholders and personal
information of the Company’s employees. Malicious hackers
may also try to introduce computer viruses, corrupted software
or ransomware into the Company’s network systems to
disrupt its operations, blackmail it for regaining control of its
computing systems or spy for sensitive information. These
attacks may result in TSMC having to pay damages for its
delayed or disrupted orders or incur significant expenses
in implementing remedial and improvement measures to
enhance the Company’s cybersecurity network, and may also
expose the Company to significant legal liabilities arising from
or related to legal proceedings or regulatory investigations
associated with, among other things, leakage of customer or
third party information which TSMC has an obligation to keep
confidential. During 2017 and as of the date of this Annual
Report, the Company had not been aware of any material
cyber attacks or incidents that had or would expected to have
a material adverse effect on its business and operations, nor
had it been involved in any legal proceedings or regulatory
investigations related thereof.<p>In addition, the Company employs certain third party service
providers for TSMC and its affiliates worldwide with whom
the Company needs to share highly sensitive and confidential
information to enable them to provide the relevant services.
Despite that TSMC requires the third party service providers
to comply with the confidentiality and/or Internet security
requirements in its service agreements with them, there is no
assurance that each of them will strictly fulfill such obligations,
or at all. The on-site network systems of and the off-site cloud
computing networks such as servers maintained by such
service provider and/or its contractors are also subject to risks
associated with cyber attacks. If TSMC or its service providers
are not able to timely resolve the respective technical difficulties
caused by such cyber attacks, or ensure the integrity and
availability of its data (and data belonging to its customers
and other third parties) or control of its or its service providers’
computing systems, the Company’s commitments to its
customers and other stakeholders may be materially impaired
and its results of operations, financial condition, prospects and
reputation may also be materially and adversely affected as a
result." - <a href="https://investor.tsmc.com/static/annualReports/2017/english/pdf/e_11.pdf" rel="nofollow noreferrer">https://investor.tsmc.com/static/annualReports/2017/english/...</a>