[BreachExchange] Apple supplier Quanta hit by cyber attack

[Destry Winant]

https://www.ft.com/content/0ec11549-9d68-4ca2-bbac-34684c86abab

Quanta, one of Apple’s major suppliers, said on Wednesday that it had been
hit by a cyber attack and was trying to “recover data” after one of the
world’s most notorious hacking gangs said it was attempting to extort both
companies.

The Taiwanese company, which manufactures computers for Apple and also
supplies companies such as Cisco, Microsoft and Siemens, said it had
suffered “cyber attacks on a small number of Quanta servers” and was
“conducting detailed investigation to ensure containment and recovery of
data are in process”.

 The admission came after REvil, one of the most prolific criminal
ransomware hacking groups, said on its dark web site that it had
compromised Quanta and was now extorting Apple.

Like other ransomware gangs, REvil typically locks up the data or computer
systems of its victims until it is paid off. In this instance, the group
said Quanta had refused to co-operate with its demands and it was now
asking Apple to pay a ransom by May 1 in exchange for not leaking their
sensitive information.

“Our team is negotiating the sale of large quantities of confidential
drawings and gigabytes of personal data with several major brands,” the
REvil post added. It also shared copies of what appeared to be Apple
product blueprints, though it is unclear whether these contained any
confidential information. Apple declined to comment.

Separate chat logs, seen by the Financial Times, showed that REvil had
initially demanded $50m from Quanta.

Quanta on Wednesday said there had been no material impact to its
operations, and that “a small range of services” hit by the attacks had
been restored. It has notified relevant law enforcement and data protection
agencies, it said.

Ransomware attacks have become increasingly prevalent as criminals have
used cryptocurrencies such as bitcoin to collect payment without being
tracked, and as a shift to remote working during the pandemic has left
companies more vulnerable to attacks.

Gangs of ransomware hackers made more than $350m in 2020, a 311 per cent
jump on the previous year, according to Chainalysis, though the true figure
is likely to be higher given that many victims do not disclose attacks or
payouts.

 REvil, which also goes by the name of Sodinokibi, is known for making some
of the biggest demands to have been made public. Last month, it asked Acer
for an initial $50m in return for its stolen data, before doubling the
demand, according to news reports at the time.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210423/6026b68b/attachment.html>