The REvil crew claims it came into possession of Apple product data after breaching Quanta Computer, a Taiwanese company that is the biggest laptop manufacturer in the world and which is also one of the companies that assemble official Apple products based on pre-supplied product designs and schematics.
In a message posted on a dark web portal where the ransomware gang usually threatens victims and leaks their data, the REvil gang said that Quanta refused to pay to get its stolen data back and, as a result, the REvil operators have now decided to go after the company’s primary customer instead.
The REvil group have posted 21 screenshots depicting MacBook schematics as proof for the infiltration and threatened to release new blueprints every day until either Apple pay the demand.
Looking into the issue for Digital Journal is Gary Ogasawara, CTO, Cloudian.
Ogasawara says of the incident: “If targeted by ransomware, businesses should be aware that their attacker’s threat can permeate into their customer channels until the attacker achieves its financial goal.”
Ogasawara notes that the incident is a sign of the increasing sophistication of cyberattacks: he says: “As ransomware tactics continue to advance, companies must act now to strengthen their defenses.”
Hence, there are things that businesses can put in place to address these types of cyberattacks. Ogasawara notes in particular: “The strongest defense begins with how sensitive data is stored. Organizations will often encrypt their backup data thinking it will be safe and accessible should a threat arise, but the primary data is then left vulnerable to exposure once a cybercriminal is past initial perimeter security.”
For rock-solid measures, Ogasawara advises: “To ensure complete safety, organizations should employ encryption, both for data at rest and for data in flight.”
This is especially: “By combining encryption and immutable (unchangeable) storage backups, data is protected from the attacker attempting to steal the data or and/or holding it for ransom.”