At least three of their Annual Reports indicates they knew of the risk of attack.<p>Has there been any Ransomware Attacks that don't involve Windows machines?<p>"Risks Associated with Cyber Attacks<p>Even though TSMC has established a comprehensive internet
and computing security network, it cannot guarantee
that the Company’s computing systems which control or
maintain vital corporate functions ,such as its manufacturing
operations and enterprise accounting, would be completely
immune to crippling cyber attacks by any third party to
gain unauthorized access to its internal network systems,
to sabotage its operations and goodwill or otherwise. In
the event of a serious cyber attack, TSMC’s systems may
lose important corporate data and its production lines
may be shutdown indefinitely pending the resolution of
such attack. While TSMC also seeks to annually review and
assess its cybersecurity policies and procedures to ensure
their adequacy and effectiveness, it cannot guarantee that
the Company will not be susceptible to new and emerging
risks and attacks in the evolving landscape of cybersecurity
threats. These cyber attacks may also attempt to steal TSMC’s
trade secrets and other intellectual properties and other
sensitive information, such as proprietary information of the
Company’s customers and other stakeholders and personal
information of the Company’s employees. Malicious hackers
may also try to introduce computer viruses, corrupted software
or ransomware into the Company’s network systems to
disrupt its operations, blackmail it for regaining control of its
computing systems or spy for sensitive information. These
attacks may result in TSMC having to pay damages for its
delayed or disrupted orders or incur significant expenses
in implementing remedial and improvement measures to
enhance the Company’s cybersecurity network, and may also
expose the Company to significant legal liabilities arising from
or related to legal proceedings or regulatory investigations
associated with, among other things, leakage of customer or
third party information which TSMC has an obligation to keep
confidential. During 2017 and as of the date of this Annual
Report, the Company had not been aware of any material
cyber attacks or incidents that had or would expected to have
a material adverse effect on its business and operations, nor
had it been involved in any legal proceedings or regulatory
investigations related thereof.<p>In addition, the Company employs certain third party service
providers for TSMC and its affiliates worldwide with whom
the Company needs to share highly sensitive and confidential
information to enable them to provide the relevant services.
Despite that TSMC requires the third party service providers
to comply with the confidentiality and/or Internet security
requirements in its service agreements with them, there is no
assurance that each of them will strictly fulfill such obligations,
or at all. The on-site network systems of and the off-site cloud
computing networks such as servers maintained by such
service provider and/or its contractors are also subject to risks
associated with cyber attacks. If TSMC or its service providers
are not able to timely resolve the respective technical difficulties
caused by such cyber attacks, or ensure the integrity and
availability of its data (and data belonging to its customers
and other third parties) or control of its or its service providers’
computing systems, the Company’s commitments to its
customers and other stakeholders may be materially impaired
and its results of operations, financial condition, prospects and
reputation may also be materially and adversely affected as a
result." - <a href="https://investor.tsmc.com/static/annualReports/2017/english/pdf/e_11.pdf" rel="nofollow noreferrer">https://investor.tsmc.com/static/annualReports/2017/english/...</a>