Supply Chain Attack Bites Apple

THE AUTHOR

Katherine Gorham
June 15, 2022

Supply Chain Attack Bites Apple

Earlier this year, Russian law enforcement arrested 14 members of the notorious REvil ransomware gang and dismantled their networks. It seemed like a successful takedown.

But now REvil–or someone claiming to be REvil–is back. (Something about which absolutely nobody in the information security field is surprised.)

Early activity of this REvil resurgence was limited to promoting a data leak site, but it escalated quickly. REvil claimed to have stolen data from Apple supplier Quanta Computer, including schematics for Apple products that have not yet been released. REvil demanded a $50 million ransom–from Apple, not Quanta.

This article predicts more such attacks, because third-party suppliers are attractive targets. They may have smaller security budgets and fewer resources than corporate giants like Apple, but they can still be troves of valuable proprietary information.

Suppliers often sell to multiple customers. Quanta “also supplies Dell, HP, and other large tech companies,” so REvil may be able to extort multiple high-value targets from a single successful attack. Defenders need to ask themselves what sensitive data may exist beyond the network perimeter.  

Welcome to the era in which nobody gets to ignore the information security vulnerabilities of their supply chain–and an era in which your most successful customers will be paying increasing attention to your information security as well.

(The best place to start when learning about ransomware is this book by industry expert Allan Liska.)

Sign Up For Our Newsletter

Don't worry, we hate spam too!

Other Articles You May Be Interested In:

Get Help Preparing For; Preventing;

Or Recovering From Ransomware Now

Get The Latest On Ransomware 
Right In Your Inbox

Sign Up To Receive Our 
Monthly Ransomware Newsletter

envelope linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram