Third Party Compromise strikes again.
A Taiwanese manufacturer, Quanta Computer, which supplies Apple Inc with hardware used in some their
devices, stated that on 21 April 2021 it had suffered a ransomware attack by the REvil ransomware group. A staggering ransom, set at $50 million (USD), was demanded to be paid in order to prevent leaking sensitive files of Apple’s new technology on the Dark Web.
In a post shared on its deep web portal ‘Happy Blog’, the threat actor said it came into possession of
schematics of the U.S. company’s products such as MacBooks and Apple Watch, by infiltrating the network of the Quanta Computer, claiming it’s making a ransom demand to Apple after Quanta expressed no interest in paying to recover the stolen blueprints.
“Our team is negotiating the sale of large quantities of confidential drawings and gigabytes of personal data with several major brands,” the REvil operators said. “We recommend that Apple buy back the available data by May 1.”
Detected in June 2019, REvil also known as Sodinokibi or Sodin has emerged as one of the most prolific
ransomware-as-a-service (RaaS) groups, with the gang being the first to adopt the so-called technique of “double extortion” that has since been emulated by other groups.
How could Securecom have helped ?
Securecom’s TPRM (Third Party Risk Management) platform provider, Black Kite, has been continuously monitoring Quanta Computers since August 2020.
As illustrated in the security score graph, Quanta experienced a significant increase in security related issues towards the end of 2020.
Had Securecom been monitoring Apple’s third party’s on their behalf, we would have been in the position to advise them of Quanta’s notable drop in security score in December 2020, as well as create a security strategy that could have been passed on to Quanta, to help drive their security posture recovery.
Our message ?
Companies such as Apple Inc or even our very own RBNZ, are not immune to negative financial impact due to organisations within their supply chain being compromised. Actively monitoring your company’s third party cyber security posture, is a proactive control in securing your business’ data. Securecom are equipped to provide the intelligence on your vendors or third parties within hours.