Microchip Technology Inc. said last week that it had been hit by a cyber attack that had disrupted its ability to fulfill customer orders.
Microchip President Ganesh Murthy said in an 8-K filing on Tuesday that the company had detected suspicious activity in its IT systems beginning on Aug. 17. Two days later, Microchip confirmed that an anonymous attacker had compromised its network and disrupted its servers.
Microchip, which makes microchips and microcontrollers as well as memory, storage and embedded security products, also acknowledged that the attack caused operational delays.
“As a result of this incident, some of our manufacturing facilities are operating at lower than normal levels and our ability to fulfill orders is currently impacted,” Microchip said in its 8-K. “We are working diligently to bring the affected portions of our IT systems back online, restore normal business operations and mitigate the impact of the incident.”
Following the attack, Microchip isolated the affected systems and forced some systems offline, although it is unclear whether the affected servers were taken offline voluntarily or whether the cyberattack involved ransomware.
“Our investigation is ongoing, so the full extent, nature and impact of the matter are not yet known. As of the date of this filing, we have not yet determined whether the matter may have a material effect on our financial condition or results of operations,” the 8-K said.
It is unclear when manufacturing facilities will resume normal operations. The impact could be significant because Microchip Technology is a large manufacturer with customers in critical infrastructure sectors. The company serves 125,000 customers, including organizations in the industrial, automotive, aerospace and defense and computing industries, according to its website.
Grayson North, principal security consultant at Guidepoint Security, told TechTarget Editorial that the attack shows telltale signs of ransomware because it caused disruptions to servers and business operations. North added that the technology industry is the second-most affected industry by ransomware groups in 2023, according to Guidepoint data.
“So far, no ransomware group has claimed responsibility for the attack, which means that data stolen in this incident is not yet available on the dark web. This suggests that Microchip is still in negotiations with the responsible threat actors. Depending on the negotiations, this process could take weeks or even months to resolve,” North said.
While the nature of the attacks is unclear, ransomware groups are increasingly targeting the manufacturing sector. For example, Cisco Talos published new research last month showing that ransomware attacks are heavily targeting manufacturing organizations.
Additionally, Peter Hedberg, vice president of cyber underwriting at Corvus Insurance, told TechTarget Editorial that ransomware gangs are increasingly targeting manufacturing companies because they believe they can't afford the downtime caused by attacks.
Microchip Technology Inc. did not respond to a request for comment at time of writing.
Arielle Waldman is a TechTarget Editorial news writer covering enterprise security.