[ad_1]
The hardware and electronics company Acer Inc. has been attacked by the REvil ransomware with the ransomware gang demanding a $ 50 million ransom payment.
The REvil ransomware gang first announced on their data breach site on March 18 that they had breached the Taiwanese company and shared some images of allegedly stolen files as evidence. According to Bleeping Computer, the allegedly stolen data includes financial spreadsheets, bank balances, and bank communications.
Acer has neither confirmed nor denied the attack, although it did hint that something was up. “Acer routinely monitors its IT systems and most cyber attacks are well defended,” the company said in a statement. “Companies like us are constantly under attack and have reported recent abnormal situations observed to relevant law enforcement and data protection authorities in several countries.”
As of this writing, there is no official statement of non-compliance or the like on any of Acer’s major social media sites or accounts. The company mainly manufactures products in Taiwan and mainland China. It is unclear whether it could be subject to Western regulations, such as the European Union General Data Protection Regulation; one of its suppliers is based in Hungary, which is a member of the EU.
The $ 50 million demanded is remarkable, as it is believed to be the highest amount ever demanded in the ransomware attack, the previous maximum being the $ 42 million that REvil demanded when it successfully targeted the celebrity law firm Grubman. Shire Meiselas & Sacks in May. The cost to Acer may be higher again with the group threatening to increase the ransom to $ 100 million if it is not paid within eight days.
Other notable victims of REvil include currency provider Travelex in late December 2019. In that case, Travelex was reported to have paid a $ 2.3 million ransom for a decryption key to restore its network.
It is also speculated that REvil may have exploited a highly publicized Microsoft Exchange vulnerability. James McQuiggan, a security awareness advocate at security training company KnowBe4 Inc. believes the attack included exploiting Microsoft Exchange, telling SiliconANGLE that “it was only a matter of time before Microsoft’s recent vulnerability Exchange will blow up an organization, and in the current climate, it was fast. “
“The 2017 WannaCry ransomware used the EternalBlue exploit and it only took a few months before a massive attack occurred,” McQuiggan explained. “With this attack, it took only weeks.”
“Organizations must maintain a multi-layered network infrastructure to reduce the risk from cybercriminals by quickly accessing sensitive data and systems,” added McQuiggan. “Combined with security awareness training, this will allow employees to understand and recognize the importance of protecting critical systems in their organization.”
Image: Acer
Since you are here …
Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant business and emerging technology content to you. Thanks!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We would also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of content, not advertising. Unlike many online publications, we do not have a paywall or run banner ads, because we want to keep our journalism open, without influence or the need to chase traffic.SiliconANGLE journalism, reporting, and commentary, along with unscripted live video from our Silicon Valley studio and globe-trotting video crews at the cube – requires a lot of work, time and money. Keeping quality high requires the support of sponsors who are aligned with our vision of ad-free journalistic content.
If you like reports, video interviews, and other ad-free content here, please take a moment to see a sample of the video content endorsed by our sponsors, tweet your supportand keep coming back to SiliconANGLE.
[ad_2]
