Apple Supplier Pwned By Ransomware… Unreleased MacBook Schematics Are Now Being Held For Ransom

Apple dropped a bunch of new hardware yesterday in a product launch event that was streamed to the world. The long-awaited AirTags, a new iMac, and a new iPad Pro were all announced. But the story that you should actually care about is that, according to Bloomberg, Apple supplier Quanta was hit by a ransomware attack perpetrated by the ransomware group REvil. What’s more, the group claims to have in its possession 15 images and/or schematics of unreleased MacBooks. And all of this came to light while the event was going on:

By the time Apple’s product launch was over, REvil had posted schematics for a new laptop, including 15 images detailing the guts of what appears to be a Macbook designed as recently as March 2021, according to the documents reviewed by Bloomberg.

REvil is now attempting to shake-down Apple in its effort to profit off the stolen data. They’ve asked Apple to pay their ransom by May 1, as was first reported by Bleeping Computer. Until then, the hackers will continue to post new files every day, REvil said on its blog.

An Apple spokesperson declined to comment on questions about the compromise.

Now, Quanta makes computers for a number of brands, such as HP, Lenovo and Dell, among others. And Bleeping Computer has reported that REvil might be trying to shake down other companies as well. But this is going to cause a lot of alarm over at 1 Apple Park, as Apple is the type of company that really tries to lock things down so that it can fully control the message and limit product leaks. Clearly that didn’t work in this case, and now they have a major problem on their hands. One has to wonder if they will cut a cheque or take some other form of action, like not paying and letting whatever happens next happen.

I’ll be keeping a close eye on this one.

UPDATE: Justin Fier, Director of Cyber Intelligence & Analytics for Darktrace had this to say:

Following today’s news of the attack on Quanta, we can be in little doubt that complex digital supply chains are a hacker’s paradise. Today, a company’s critical data is fluid, often being handled outside the organization itself. This complexity offers those with criminal intent many points of vulnerability that may be exploited.

Across our global customer base, AI is stopping more and more attacks that target intellectual property or commercially-sensitive information for the purposes of extortion or corporate espionage. In this case, attackers accessed Apple’s design blueprints via a trusted third party – and the full extent of the data taken is not yet known. 

Suppliers need to be held to higher standards, and recent calls from the Biden administration and DHS for more stringent requirements for cyber security transparency and vetting are welcome. Organizations also need to embrace technology that can respond at computer speed in the face of fast-moving attacks like ransomware. Those that are being successful against fast-moving threats are protecting their systems with artificial intelligence, capable of detecting the subtle, unusual activity that precedes a full-blown attack, and crucially, which responds at computer speed – before data is held to ransom.
