Apple’s Ransomware Mess is the Future of Online Extortion
On the day Apple was due to announce a range of new products at its Spring Loaded event, a leak appeared from an unexpected quarter. The well-known ransomware group REvil said it had stolen data and schematics from Quanta Computer about Apple’s unreleased products, and that the data would be sold to the highest bidder if the group did not get a $50 million payment. As proof, they released a cache of documents about unreleased MacBook Pros. Since then they have added iMac schematics to the stack.
The connection to Apple and the terrible timing created a stir about the attack. But it also reflects many worrying trends in ransomware coming together. After years of refining techniques for mass-encrypting data to lock victims out of their systems, criminal groups are increasingly making data theft and extortion the focus of their attacks, and making obvious demands in the process.
“Our team is negotiating the sale of large gigabytes of confidential drawings and personal data with several major brands,” REvil wrote in its messages about the stolen data. “We recommend that Apple purchase the available data before May 1st.”
For years, ransomware attacks involved encrypting a victim’s files and making a simple transaction: pay money, get the decryption key. Some attackers also practiced a different approach: not only did they encrypt the files, they stole them first and threatened to leak them, adding extra leverage to ensure payment. Even if victims were able to recover the damaged data from backups, they risked the attackers sharing their secrets with the entire internet. In the last two years, famous ransomware groups like Maze have established this approach, and incorporating extortion is now becoming more common. Some groups have taken it a step further, as is the case with REvil and Quanta, by focusing entirely on data theft and extortion without bothering to encrypt files at all. They are thieves, not captors.
“Data encryption is surely becoming part of ransomware attacks,” says Brett Callow, a threat analyst at the antivirus company Emsisoft. “In fact, ‘ransomware attack’ is probably the wrong name now. Threatened operators have realized that the data itself can be used in many ways.”
In the case of Quanta, the attackers probably feel they are hitting a nerve, as Apple is well known for guarding its intellectual property and the details of its new products. By hitting a vendor in the supply chain, attackers give themselves more options for companies they can extort. Quanta, for example, also supplies Dell, HP, and other high-tech companies, so a breach of Quanta customer data can be useful for attackers. Attackers may also find softer targets when they look to third-party providers that don’t have a lot of resources to devote to cybersecurity.
“Quanta Computer’s information security team has worked with outside IT experts in the face of cyber attacks against a small number of Quanta servers,” the company said in a statement. It added that it is working with law enforcement and data protection authorities “on the latest abnormal activities observed” and that there is no material impact on the company’s business.
Apple declined to comment.
“A couple of years ago, we didn’t see any ransomware plus extortion at all, and now there’s an evolution to events that are only for extortion,” says Jake Williams, founder of the cybersecurity company Rendition Infosec. “As a person responsible for the incident, I can say that people have improved their response to ransomware events. The organizations I work with today are likely to recover and prevent rescue with traditional file encryption techniques.”