Semiconductor equipment maker ASML has played down a recently discovered cyber attack on its systems, claiming that no ‘valuable’ files were stolen.
The Dutch firm is the world's largest maker of photolithography machines, which are vital to the fabrication of integrated circuits.
It said in a brief statement on Sunday that it recently discovered “unauthorized access to a limited portion of its IT systems” but that it took immediate steps to contain the breach.
The firm continued:
“The time between the break-in and the discovery by ASML IT staff was short. At this time it appears that only a limited amount of data has been accessed. ASML has not found any evidence that valuable files, either from ASML or our customers and suppliers, have been compromised. We cannot be certain about the identity of the hackers.
ASML, like any other leading organization, is subject to cybersecurity attacks. We take knowledge protection very seriously and constantly work to improve our defenses against hacking attempts and our detection capabilities.
We will not provide further information about this event unless there is a significant development.”
ASML makes highly specialized and complex technology; in fact, some estimates claim that the lithographic process accounts for around a third of the cost of chip manufacturing.
This obviously makes it an attractive target for industrial espionage, although the firm has declined so far to speculate on the motive for the attack.
There’s also a possibility that hackers were attempting a “stepping stone” attack targeting one of its major chip partners.
Local reports in the Netherlands have claimed that the “Chinese authorities” were responsible, although definitive attribution in these cases is usually tricky.
Even if the computers used in the attack were indeed based in China, it’s possible they were remotely controlled from another country to throw investigators off the scent.
New stats from Panda Security released this week, for example, claim that China has the most malware infections of any country globally with an astonishingly high rate of 49%.
Critics of Beijing’s state-sponsored hacking will point out, of course, that these stats provide plausible deniability for the country’s real cyber operatives, like the notorious PLA Units 61486 and 61398.