TSMC Virus Attack and the Need for a Secure Data Workflow for Manufacturing Networks

Details of the TSMC Virus Attack

On Friday, 3 August 2018, the Taiwan Semiconductor Manufacturing Company (TSMC) was reportedly hit with a variant of the 2017 WannaCry ransomware, and from current reports the initial infection occurred during the software installation process of a new tool. The malware then spread through TSMC’s computer network and infected systems.

A quote from TSMC CEO C.C. Wei claims that an “unidentified” vendor provided the company with the infected tool, so this was not an issue of TSMC being hacked, but rather a manufacturing supply chain management issue.

Attacks like the TSMC attack highlight more than ever the need for setting up Secure Data Workflow processes for critical operations, like manufacturing production processes.

Secure Data Workflow a Solution for Protecting Isolated “Manufacturing” networks.

The key to security for the “manufacturing” sector is setting up an isolated network(s) and then establishing a secure data workflow into and out of them, and even within them. The secure data workflow process should consist of many defenses that guard the data both in transit and in storage.

MetaDefender Vault is a perfect example of a product offering that can serve as the core of a secure data workflow process. Points of entry into the isolated network can be precisely defined and protected, even using data diodes for extreme isolated network use cases. Once the files are stored in the Vault, they can then be locked down for a set period of time to help prevent malware outbreaks, multi-scanned for malware with multiple signature-based and heuristic anti-malware engines on a frequent basis, and protected with a role-based work flow that allows granular control of a well-defined process of moving ans storing files in an isolated network.