Close this search box.

Supply Chain Attack Bites Apple

The author

Earlier this year, Russian law enforcement arrested 14 members of the notorious REvil ransomware gang and dismantled their networks. It seemed like a successful takedown.

But now REvil–or someone claiming to be REvil–is back. (Something about which absolutely nobody in the information security field is surprised.)

Early activity of this REvil resurgence was limited to promoting a data leak site, but it escalated quickly. REvil claimed to have stolen data from Apple supplier Quanta Computer, including schematics for Apple products that have not yet been released. REvil demanded a $50 million ransom–from Apple, not Quanta.

This article predicts more such attacks, because third-party suppliers are attractive targets. They may have smaller security budgets and fewer resources than corporate giants like Apple, but they can still be troves of valuable proprietary information.

Suppliers often sell to multiple customers. Quanta “also supplies Dell, HP, and other large tech companies,” so REvil may be able to extort multiple high-value targets from a single successful attack. Defenders need to ask themselves what sensitive data may exist beyond the network perimeter.  

Welcome to the era in which nobody gets to ignore the information security vulnerabilities of their supply chain–and an era in which your most successful customers will be paying increasing attention to your information security as well.

(The best place to start when learning about ransomware is this book by industry expert Allan Liska.)

Sign Up For Our Newsletter

Don’t worry, we hate spam too!

Get The Latest On Ransomware Right In Your Inbox

Sign Up To Receive Our Monthly Ransomware Newsletter
Don’t worry, we hate spam too

Is This Your Business?
Get In Touch

Contact Us To Sponsor Your Business Listing & Learn More About The Benfits.

Before You Go!
Sign up to stay up to date with everything ransomware

Sign Up To Receive Our Monthly Ransomware Newsletter
Don’t worry, we hate spam too

JUST RELEASED: The 2024 State of Ransomware Survey is in.


Share via
Copy link
Powered by Social Snap