Taiwan's Foxsemicon Hit by LockBit Ransomware Attack

Taiwanese semiconductor manufacturer Foxsemicon Integrated Technology Inc., a subsidiary of the renowned Hon Hai Precision Industry Co. Ltd. (also known as Foxconn), has reportedly fallen victim to a ransomware attack orchestrated by the notorious LockBit ransomware gang.

The Taipei Times revealed that the company's website displayed a distressing message in English, asserting that 5 terabytes of data had been compromised. The message ominously warned Foxsemicon customers that their personal data had been stolen and threatened Foxsemicon employees with job loss if the company's management failed to engage with the hackers, stating, "If your management does not contact us, you will lose your job, as we are able to completely destroy Foxsemicon with no possibility of recovery."

Foxsemicon later informed the Taiwan Stock Exchange that it had regained control of its website and was actively collaborating with security experts to manage the situation. The company emphasized that the attack “should not significantly affect the company’s operations.”

The timing of the attack is particularly noteworthy, coinciding with heightened cybersecurity concerns in Taiwan amid its upcoming general election. Ben Forster, a senior director at cybersecurity firm AttackIQ Inc., highlighted the tense backdrop against which the attack occurred, noting the recent appeal by Taiwanese government officials to the US Treasury Department for support due to increased security vulnerabilities.

Sean Deuby from Semperis Inc. also stressed the importance of organizations knowing what their critical systems are, which would allow them to better prepare for potential ransomware attacks.

While Foxsemicon has not disclosed the specifics of the ransom demand or confirmed any data leakage, the incident underscores the escalating cybersecurity threats facing major corporations and the need for robust protective measures.

This is just one of many ransomware attacks executed by the prolific LockBit gang in the last few years. Many of these occurred in the US — a recent advisory by cybersecurity authorities, including the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI, revealed that the LockBit ransomware gang has extorted a staggering $91 million from approximately 1,700 US organizations since 2020.