An announcement by a group of hackers going by the name REvil that they had sensitive data relating to Apple on the day the tech giant launched a host of new products could have wide-reaching consequences.
The breach came via a Taiwanese company called Quanta that assembles a number of Apple products. Despite its unwillingness to engage with the hackers, who then moved on to Apple to try to extort a ransom for the data, Quanta could continue to be the weak link in the future.
Apple ransomware attack
Traditional ransomware attacks involve encrypting the victim’s files and then extorting money from them for the key. This new generation of attacks, as was seen in the case with Apple, has an added dimension in which the hackers threaten to publish the stolen data, thus sharing the company’s secrets with the world.
Brett Callow, a threat analyst at the antivirus firm Emsisoft, told Wired:
Data encryption is becoming less of a part of ransomware attacks for sure. In fact ‘ransomware attack’ is probably something of a misnomer now. We’re at a point where the threat actors have realized that the data itself can be used in a myriad of ways.
REvil demonstrated the seriousness of its intentions and justification for its $50 million ransom by leaking some of the stolen documents. While the majority of them were related to individual components, one did indicate significant changes to the design of the 2021 MacBook Pro.
Third-party suppliers as soft targets
It’s clear that in this instance, Apple has been left open to attack by its reliance on a third-party supplier and it’s not the only big name company on Quanta’s client list. It also supplies the likes of Microsoft, Dell and Cisco, who could all find themselves targets in the future.
While Apple and Microsoft invest vast quantities of money into their cybersecurity protocols, firms further down the supply chain don’t have the same level of resources. This makes them a soft target for hackers and also offers more options in terms of who they can extort to pay the ransom, as was seen with the Apple case. When Quanta refused, the hackers went further up the chain.
Urgent action on ransomware required
The reality of the situation is that ransomware attacks are now widespread and affecting organizations across all areas of life. If the likes of Apple and Microsoft can’t protect their data within their own supply chains, what hope is there for non-tech industries?
Reports of schools and hospitals becoming victims of ransomware attacks are particularly worrying and have led to calls for urgent action. A set of 50 recommendations have been put together by a global coalition, including Microsoft, Amazon, the FBI and the National Crime Agency in the UK, working with the Ransomware Task Force (RTF).
They’ve been presented to governments across the world in a bid to tackle what has become a national security threat, as well as a health and safety concern. Ransomware attacks are now impacting the economy and citizens’ ability to access critical services, and the proceeds are funding organized crime.