[ad_1]
TSMC is the world’s largest silicon foundry and is now the latest victim of a “data breach,” according to the company. In an online post, the ransomware gang known as LockBit has listed the Taiwanese chip-making giant as one of its most recent victims. TSMC has confirmed the situation while downplaying the potential fallout from the incident. The hackers are demanding $70 million in compensation, according to TechCrunch. If payment isn’t received, they are threatening to publish methods others can use to access the company’s previously secure networks.
The LockBit gang hails from Russia and posted about the attack on the dark web, where it routinely updates its list of victims. The $70 million is one of the largest ransoms ever demanded in the cybersecurity world, and it will surely put TSMC in a difficult situation. If it refuses to pay, LockBit says it will publish “points of entry into the network and passwords and logins company (sic).” Despite its demand, the group has yet to publish evidence of what it purportedly possesses.
The hackers breached TSMC by way of one of its third-party suppliers, a situation where a company TSMC pays to manage some of its IT demands is itself breached, like entering a company through a side door. Since that supplier has credentials to access TSMC’s network, it’s an attractive way for hackers to gain entry to a bigger company that is their partner.
The US government’s Cybersecurity & Infrastructure Security Agency has been tracking LockBit attacks for several years now.
Credit: CISA.gov
In a statement, TSMC acknowledged a “cybersecurity incident” at one of its IT hardware suppliers, which is a company named Kinmax Technology. The statement says this has resulted in acquiring “information pertinent to server initial setup and configuration.” However, TSMC is saying that no customer data was taken and that it won’t impact the operation of its business. TSMC also says it has cut off this company from further data exchange per its security protocols. Kinmax specializes in “networking, cloud computing, storage, security, and database management.”
TechCrunch notes that in addition to TSMC, the company also lists HPE, Cisco, Microsoft, Citrix, and VMware as customers. Hence, these companies might be affected by the cyberattack. However, none of those companies have responded to press inquiries. Kinmax wrote in a statement that a testing environment it provides to its customers was the object of the attack, with “system installation preparation” being the bulk of what was stolen.
[ad_2]
Source link
