TSMC’s Windows 7 computers infected with WannaCry

Aug 8, 2018 08:36 GMT  ·  By

Apple’s supplier TSMC has recently been hit by malware, with the infection hitting critical systems in its production facilities.

As the exclusive supplier of iPhone A-series chips, TSMC was forced to suspend the manufacturing process at its facilities, as engineers were struggling to remove the malware and return to normal operations.

And as it turns out, the malware that caused the outage was WannaCry, a form of ransomware that was discovered in May 2017 and which has already been blocked with both Windows updates and virus definitions.

In other words, a fully patched system should by no means be vulnerable to WannaCry, regardless of the Windows version powering it – Microsoft has released emergency updates against this ransomware even for Windows XP, despite this OS version already being unsupported.

Unpatched Windows 7 systems

However, according to a new report, TSMC was running unpatched Windows 7 on systems in charge of critical processes for several manufacturing tasks, and this is how WannaCry ended up taking down its machines.

Production systems being pushed offline could eventually result in a delay of the new iPhones launching in September, according to people familiar with the matter, even though TSMC says it has already restored all computers and is now accelerating production to reach normal operations.

“TSMC expects this incident to cause shipment delays and additional costs. We estimate the impact to third quarter revenue to be about three percent, and impact to gross margin to be about one percentage point. The Company is confident shipments delayed in third quarter will be recovered in the fourth quarter 2018, and maintains its forecast of high single-digit revenue growth for 2018 in U.S. dollars given on July 19, 2018,” TSMC said in a press statement.

Needless to say, as the world’s only iPhone chip manufacturer, TSMC running unpatched systems makes absolutely no sense and exposes the company to other cyberattacks that could cause not only production delays, but also data loss.