Gigabyte is the latest company to fall victim to a ransomware attack. The cyberattack was reportedly carried out by a ransomware outfit called RansomEXX, who are threatening to release data from the company, including confidential documents from Intel, AMD and American Megatrends.
For Gigabyte, the attack did not have an impact on any of the company’s production systems, although the incident did affect some of the internal servers. Gigabyte produces personal computer components like motherboards and graphics cards. The company also produces a range of laptops and peripherals like gaming monitors, branded as Aorus products.
This attack is just the latest in ransomware attacks over the past year, which also included a highly publicized attack on the Colonial Pipeline (including analysis reported on Digital Journal). Analysis suggests there has been a 171 percent year-over-year increase in this nature of cyberattack. In many cases there are payouts, making ransomware a lucrative area for criminal gangs and rogue state actors.
According to new analysis from Ric Longenecker, CISO at Open Systems, the current concern with the cybersecurity world is ransomware.
He tells Digital Journal: “With this latest cyberattack on Gigabyte, we’re seeing a new trend with ransomware attacks. It’s no longer just about ransomware and encryption, but now simply blackmail and release of very sensitive information.”
This creates a precarious position for many firms, especially those without well-developed protocols or solid defense systems.
Looking at the specific case, Longenecker: “Though we don’t know the ransom amount being demanded, the threat of RansomEXX leaking highly confidential data from Intel, AMD and American Megatrends is alarming enough to startle anyone involved into taking swift action.”
Reportedly, RansomEXX threatens to publish 112GB of data it got from Gigabyte plus information it has stolen from an American Megatrends Git repo.
In terms of the lessons learned, Longenecker says there is much more that many companies can do. He recommends: “It is critical for companies to turn to cybersecurity solutions like managed detection and response (MDR), which combines human expertise, AI and advanced threat detection to react early in the cyber kill chain and protect sensitive information vital to their businesses and customers.”
To add to this, systems need to be secured with strong passwords and multi-factor authentication to protect against brute force attacks. In addition, IT professionals should be vigilant when applying security patches to stop attackers taking advantage of known vulnerabilities.
Many businesses are also taking out special insurance schemes. So-called cyber insurance (a form of liability insurance) is an insurance policy that helps protect organisations from the fallout from cyberattacks and hacking threats. While insurance is important and it can help mitigate risks, it does not prevent can attack from occurring in the first place and the considerable damage and disruption that often comes with such an incident.
