Gigabyte, a manufacturer of PC and laptop components, has been the target of ransomware attacks. Is production blocked?
Gigabyte is one of the few Taiwanese technology companies to fall victim to ransomware attacks. This includes Acer, which a few months ago became the target of ransomware.
The ransomware attacks that hit Gigabyte had no effect on their production systems. Because this ransomware ‘only’ attacks a small number of internal servers at Gigabyte’s headquarters.
According to Gigabyte, the server is now able to operate again because data has been restored from existing backups. But the problem of ransomware attacks doesn’t stop there.
RansomExx, the syndicate behind this ransomware attack, in addition to locking data on servers, also stole Gigaabyte data. The amount is not less than 112 GB, which contains a variety of confidential information.
For example, secret messages between Gigabyte and some companies like Intel, AMD, and American Megatrend. Including several documents with disclosure agreement (NDA) status, are also confidential.
Unpredictably, the perpetrators threatened Gigabyte to leak the documents if they did not want to pay a ransom.
Currently Gigabyte is still figuring out how ransomware can infiltrate into their internal networks. However, it seems that ransomware attacks start with phishing actions via email or can even use stolen data obtained from various sources.
Both of these methods are the most common tactics used by criminals to infiltrate ransomware into their victims ’networks.
Ransomware to Gigabyte is not the only action of RansomExx, which before 2018 operated under the name 'Defray'. They have previously attacked tech companies like Garmin, Acer, Compal, Quanta, and AdvanTech.
Even last month they attacked the COVID-19 vaccination registration system in Italy, also attacking CNT, a state-owned telecommunications operator in Ecuador.
Tags
NEWS & FACT