The WannaCry virus was responsible for stopping the production of iPhone chips for three days in factories at TSMC, Apple's supplier in Taiwan and the world's largest processor company. The attack hit the company's machines on Friday (3), but the cause of the problem was reported only on Monday (6). According to the semiconductor manufacturer, ransomware entered its computer network and quickly spread to more than 10,000 pieces of equipment in three manufacturing plants.
The operation has already been normalized, but in case it draws the attention of security analysts to the risks of common or corporate users not updating the computer's operating system with the necessary security updates. With the British website V3, the Taiwanese company admitted in a press conference that the virus affected machines with Windows 7 without security corrections. It is worth remembering that even before WannaCry spread, in 2017, Microsoft had already released security patches that corrected the flaw exploited by this type of virus.
READ: Facebook scam steals bank details from Brazilians; understand
Infection por WannaCry in Apple supplier may delay new generation of iPhone Photo: Luciana Maline / TechTudo
Want to buy cell phones, TV and other discounted products? Meet Compare TechTudo
Infection of TSMC machines occurred due to a failure in the software update procedure in the company. In a note, the supplier explained that the virus only accessed a machine that was undergoing a system update and spread to other equipment, since the computer was connected to the network. Production was halted to halt the distribution of ransomware. According to the company, confidential customer data has not been compromised.
As of Sunday (5), 80% of the affected machines had already been normalized. Production was resumed in its entirety the following day. According to TSMC, security measures have been taken to eliminate the problem and prevent cases like this from occurring in the future.
Initially, it was expected that the chip supply would not be affected by surplus stock. Later, however, TSMC confirmed that parcel delivery will take three days longer than anticipated. It is not yet known whether the delay will impact the iPhone launch calendar, which usually occurs in September. So far, Apple has not commented on the case.
WannaCry is ransomware-type malware, that is, it blocks files from a computer and requests ransom from the user, usually in Bitcoin. The virus became known in May 2017, when it affected thousands of computers running Windows. The attack caused the closure of hospitals, telecommunications companies and other establishments worldwide. It is estimated that the virus has reached hundreds of thousands of computers in more than 150 countries.
The attack exploits a flaw in the Microsoft operating system that allows free distribution of the code on PCs connected to each other. The threat only needs to infect a single computer connected to the Internet and then spread to other machines on an offline local network, such as a worm. Microsoft had already fixed the flaw exploited by WannaCry months before the outbreak reached thousands of victims. However, the fix has only been applied to updated operating systems.
This feature made WannaCry especially dangerous in corporate environments. Although corporate networks have several protections, a victim of phishing, encouraged to click on a suspicious email link, could pave the way for ransomware to invade other PCs. The virus asks for a $ 300 ransom in bitcoins to release the decryption key of the blocked files. However, users who have a backup can recover the data with a machine format.
Coup using the WannaCry virus in 2017 reached more than 150 countries Photo: Divulgao
The TSMC case drew the attention of security analysts to the risks that failure to update the operating system can bring. Experts recommend downloading and installing all patches made available by the software manufacturer to prevent hackers from exploiting system vulnerabilities.
As Kaspersky Lab senior security analyst Fabio Assolini points out: "WannaCry made it clear that computer security must be a proactive and constant process, with the fundamental pillar of applying operating system patches and the correct configuration of antimalware solutions" .
By failing to update, people and companies are vulnerable and this can even cause financial and operational losses, with the loss of important files, for example. "When a company launches the updated version of software it means that improvements have been made to the product, and among them, there may be security flaws corrections. It does not mean that companies have developed flawed products, but that, as new threats appear every day, these updates are necessary to combat them. ", explains ESET Country Manager in Brazil Camillo Di Jorge.
Windows users who do not usually update their computer or use unsupported versions are still potential victims of the WannaCry virus, among others, and may have files hijacked. The recommendation is to always keep Windows Update on and migrate to Windows 10.