TSMC Virus Attack and the Need for a Secure Data Workflow for Manufacturing Networks
Details of the TSMC Virus Attack
On Friday, 3 August 2018, the Taiwan Semiconductor Manufacturing Company (TSMC) was reportedly hit with a variant of the 2017 WannaCry ransomware, and from current reports the initial infection occurred during the software installation process of a new tool. The malware then spread through TSMC’s computer network and infected systems.
A quote from TSMC CEO C.C. Wei claims that an “unidentified” vendor provided the company with the infected tool, so this was not an issue of TSMC being hacked, but rather a manufacturing supply chain management issue.
Attacks like the TSMC attack highlight more than ever the need for setting up Secure Data Workflow processes for critical operations, like manufacturing production processes.
Secure Data Workflow a Solution for Protecting Isolated “Manufacturing” networks.
The key to security for the “manufacturing” sector is setting up an isolated network(s) and then establishing a secure data workflow into and out of them, and even within them. The secure data workflow process should consist of many defenses that guard the data both in transit and in storage.
MetaDefender Vault is a perfect example of a product offering that can serve as the core of a secure data workflow process. Points of entry into the isolated network can be precisely defined and protected, even using data diodes for extreme isolated network use cases. Once the files are stored in the Vault, they can then be locked down for a set period of time to help prevent malware outbreaks, multi-scanned for malware with multiple signature-based and heuristic anti-malware engines on a frequent basis, and protected with a role-based work flow that allows granular control of a well-defined process of moving ans storing files in an isolated network.
For more information, please contact one of our cybersecurity experts.

- Academy 22
- Advanced Threat Prevention 69
- CEO's Blog 25
- Company Announcements 145
- Company Culture 15
- CVEs 287
- Deep CDR 68
- DevSecOps 3
- Email Security 32
- Engineering Blog 3
- File Upload Security 26
- Industrial Cybersecurity 26
- Kiosk & USB Security 38
- Malware Analysis 83
- OACCP Certification 46
- OESIS Framework 134
- Product Announcements 352
- Reports 28
- Secure Access 27
- Secure Data Storage 26
- Technology Partnerships 42
- Vulnerabilities 29
- File Upload Protection – 10 Best Practices for Preventing Cyber Attacks
- Protecting Critical Infrastructure from Advanced Cyberattacks
- 6 Potential Security Gaps in File Transfer Process for Critical Infrastructure
- How the Energy Industry Can Survive Targeted Attacks
- Smarter Malware Analysis Starts Here
- Research Highlights Significant Challenges for Organizations in Responding to Malware Threats
- MetaDefender Prevents Emotet - The World’s Most Dangerous Malware
- OPSWAT Takes Proactive Steps to Close the Critical Infrastructure Protection Skills Gap
- Can A Video File Contain A Virus?