Article Details

Chipmaker Microchip reveals cyber attack whacked manufacturing capacity. Defense contractor gets hacked – what's the worst that could happen. US semiconductor manufacturing firm Microchip Technology has revealed an "unauthorized party disrupted the Company's use of certain servers and some business operation." A Tuesday filing explains that on August 17 it "detected potentially suspicious activity involving its information technology systems." An investigation followed, and on August 19 that effort yielded evidence of the unauthorized access. The company took actions including isolating the relevant systems, shutting down others, and calling in external cyber security advisors to understand the extent of the mess. "As a result of the incident, certain of the Company's manufacturing facilities are operating at less than normal levels, and the Company's ability to fulfil orders is currently impacted," the filing states, along with a promise that it's working to fix things up ASAP. There's no word on the cause of the incident, the extent of the disruption at the chipmaker, or whether ransomware was involved. The mention of isolating affected systems suggests the unauthorized party's activities had the potential to spread into other parts of the outfit's IT estate. News of any chipmaker's manufacturing capacity diminishing is seldom welcome. This incident at Microchip is especially concerning given that in January 2024 the Biden administration awarded the firm $162 million to expand the fabs in which it makes its flagship microcontrollers. The administration billed the funding as a boost for the US's automotive, defense, and aerospace industries – reflecting Microchips' importance as a supplier to the military. Microchip's products are designed for mission-critical uses, usually in things that move fast – cars, planes, missiles – or operate in nasty remote places like space, where NASA will use its chips in its next-gen High-Performance Spaceflight Computer (HPSC). The biz also offers foundry services – and if this incident has disrupted that process it will mean pain in the silicon supply. Cyber attacks on chipmakers are not unusual: this year alone we've covered such incidents at TSMC, Nexperia, and AMD, while past examples of such attacks include the 2022 ransomware incident at Nvidia.