Security Market Segment LS
  2. Home
  3. Security
  4. Texas foundry group X-FAB takes a hit from Maze ransomware
Thursday, 16 July 2020 10:29

Texas foundry group X-FAB takes a hit from Maze ransomware Featured

By
Texas foundry group X-FAB takes a hit from Maze ransomware Image by InspiredImages from Pixabay

On what appears to be big day for announcements about Windows ransomware attacks, a gang says it has used the Maze ransomware to attack the infrastructure of X-FAB, a foundry group based in Lubbock, Texas, that claims to be number one in the world for for analog/mixed-signal semiconductor applications. The company has already acknowledged the attack which was apparently carried out on 5 July.

The group behind the attack has released some data stolen from the company as zipped files. The company also has operations in China, the UK and Eastern Europe. The attack has led to a postponement of the second quarter results announcement from 30 July to 27 August. In 2019, X-FAB had revenue of US$506.4 million (A$723 million), a drop of 13.9% from the 2018 figure of US$587.9 million.

The X-FAB Group is organised under the umbrella of X-FAB Silicon Foundries, a holding company located in Tessenderlo, Belgium. Its Manufacturing sites are in Erfurt, Dresden and Itzehoe in Germany, Corbeil-Essonnes in France, Kuching and Sarawak in Malaysia and Lubbock.

The Texas KCBD news channel reported on Wednesday US time that production at the company's plant in Lubbock was stopped ion 5 July due to a ransomware attack on manufacturing and It systems.
KCBD referred to a statement released by X-FAB this week saying one of its manufacturing sites had resumed production on 13 July US time.

xfab2

 A screenshot from the Maze ransomware site. Supplied

The channel said it had confirmed that the Lubbock site, which has been in business for two decades, was still closed.

The company has about 3800 employees worldwide, 200 of whom work in Lubbock.

X-FAB issued a statement on 7 July saying it had been the target of a cyber security attack. "On 5 July, 2020, X-FAB Group was the target of a cyber security attack. Following the advice of leading security experts engaged by X-FAB, all IT systems have been immediately halted. As an additional preventive measure, production at all six manufacturing sites has been stopped," the company said.

"X-FAB has promptly engaged with the relevant authorities to investigate the unprecedented incident. In addition, a team of internal and external security experts has been put in place to resolve the problem and to recover all systems.

"X-FAB also decided to immediately start the temporary fabrication facility shutdowns that were initially planned to take place later in the third quarter in the context of X-FAB's Covid-19 cost-saving initiative.

xfab ataglance

Courtesy X-FAB.

"At this stage, it cannot be estimated for how long and to which degree X-FAB's operations will be disrupted. It is also too early to assess if there will be any financial impact."

In an update issued on 13 July US time, the company said: "X-FAB Group, whose IT systems and production lines were stopped to prevent damage following the cyber attack on 5 July, resumed production at one of its manufacturing sites. All other sites will follow within a week's time frame from now.

"The majority of X-FAB's customers and business partners was notified of the event. X-FAB does not expect a major impact on its business. Most orders are foreseen to be executed within the third quarter, only some deliveries may have to be shifted to the fourth quarter after close alignment with the respective customers.

xfab key markets

Courtesy X-FAB.

"In response to the production stop after the cyber attack, X-FAB had pulled forward the two-week fab shutdowns initially planned to take place later in the third quarter as part of its COVID-19 cost-saving initiative. After a detailed check, X-FAB does not anticipate damage to the work in progress caused by the sudden stop of its production lines.

"Investigations, meanwhile, revealed that it was a ransomware attack. This type of attack is generally known for demanding a ransom for decryption of data as well as for misusing data.

"The financial impact of the cyber attack is not expected to be material. There will be an additional investment to improve IT security. Together with external cyber security experts, X-FAB worked out a strategy to gradually and safely resume all systems while making the company's IT infrastructure more robust and secure going forward.

"X-FAB's priority now is to resume production at all manufacturing sites. All other IT-related systems will follow. Under these circumstances, the publication of the second quarter results initially planned for 30 July will be postponed to 27 August 2020."

Comtacted for comment, iTWire's regular commentator on matters of this nature, Brett Callow, said: "The big game hunting groups seem to be hunting ever bigger game, with the number of successful attacks on large enterprises steadily increasing. This is not surprising."

Callow, who works as a ransomware threat researcher with New Zealand-headquartered Emsisoft, added: "Ransomware groups are better resourced than ever before and, consequently have more to invest in ramping up their operations in terms of both sophistication and scale. And, of course, the bigger victims, the bigger the ransoms which means the groups have even more to invest.

"The only way to break this vicious cycle of constant escalation is for companies to stop paying ransoms. If every company were to refuse to pay, ransomware would very quickly become a thing of the past."


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Published in Security
Tagged under
Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Latest from Sam Varghese

Related items

More in this category: « Two for two: Nefilim gang claims hit on subsidiary of France's Orange SA Twitter bitcoin scams target the rich and famous, cryptocurrency firms »
Share News tips for the iTWire Journalists? Your tip will be anonymous
back to top

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments