Tower hit by cyber attack, some production disrupted
6 September, 2020
The company announced that as a preventive measure, it had halted certain of its servers and proactively held operations in some of its manufacturing facilities
Tower Semiconductor’s IT security systems identified a security incident on some of its systems as a result of a cyber attack. The company announced that as a preventive measure, it had halted certain of its servers and proactively held operations in some of its manufacturing facilities, and has done so in a gradual, organized manner.
Tower has notified relevant authorities and is working closely with law enforcement organizations and with a team of experts, coordinated with its insurance providers, in order to recover the impacted systems as soon as possible. The Company has implemented specific measures to prevent the expansion of this event.
Tower Semiconductor provides manufacturing services for integrated circuits (ICs) in process platforms such as SiGe, BiCMOS, mixed-signal/CMOS, RF CMOS, CMOS image sensor, non-imaging sensors, integrated power management and MEMS. It operates two manufacturing facilities in Israel (150mm and 200mm), two in the U.S. (200mm), and three facilities in Japan (two 200mm and one 300mm).
In September 10, Tower announced that all of its manufacturing sites are operational, targeting full capability within the next few days. “Tower is confident of the functional quality of the work in progress and production line inventories, with Company and customer data remaining protected. Due to the manufacturing disruption, the Company expects some level of impact to its third quarter results.”
Semiconductor’s Industry under Attack
Cyber attacks pose a big risk to the highly connected semiconductor’s production lines. On May, 2020, the US-based MaxLinear discovered a security incident affecting some of its systems and immediately took all systems offline. On August, 2018, TSMC, a supplier for Apple’s SoC components and a major manufacturer for Qualcomm, fell victim to a variant of the WannaCry ransomware. The infection caused the company to stop production for two days. The shutdown was believed to have cost the company roughly $250 million USD and shipment delays.
According to the Taiwanese cyber security firm CyCraft, multiple organizations along Taiwan’s high-tech ecosystem were victims of an advanced persistent threat (APT) attack , which originated in the semiconductor industry and still continues to be a threat today. “APTs are professional cyber espionage actors that typically receive direction and support from nation-states and often target organizations with high-value information, such as national defense, financial, energy, or now, the manufacturing of semiconductors.”