Tag: asks | SpinSafe

TSMC, Apple’s Chipmaker, Hit with a Ransomware Attack, LockBit Asks for $70M to Prevent Leaks

June 30, 2023/in Internet Security

The famous technology company behind the Apple processors like the A-series Bionic chips and the M-series SoCs, was recently hit with a ransomware attack. The LockBit ransomware gang already took responsibility for the attack, notoriously known for its global activities and ties to Russia, having some of its members from the country.

It is demanding a $70 million ransom demand from the Taiwan Semiconductor Manufacturing Company (TSMC), or else it would leak all the stolen data it managed to steal from the company.

TSMC was Hit with Ransomware Attack, LockBit Demands $70M

(Photo : SAM YEH/AFP via Getty Images)
A security staff stands next to a logo of the Taiwan Semiconductor Manufacturing Co, (TSMC), during the investors conference in Taipei on July 16, 2014. TSMC, the world’s biggest contract microchip maker, was to release second-quarter earnings results at an online conference.

TechCrunch reported that TSMC’s partner was hit with a ransomware attack, more specifically, one of its IT hardware suppliers, Kinmax Technology, with LockBit already owning up to the attack. The ransomware group is demanding a ransom payment of $70 million to keep the stolen data from getting leaked to the public.

Kinmax made this known to TSMC, with the company’s services centering on setting up the server’s initial setup and configuration. The attacked company also said that several pieces of information were leaked last Thursday, but the reports did not expand more on how serious the attack was or how much was taken.

Other clients of Kinmax include Microsoft, Citrix, Cisco, VMWare, and HPE.

Stolen Sensitive Data Would be Leaked, is Apple Included?

As per 9to5 Mac, TSMC already confirmed that this attack did not affect its business operations and customer information, despite Kinmax Technology’s hand on its servers. This means that this should not be a massive cause of concern for TSMC’s customers, including Apple, one of its largest partners in the tech landscape.

TSMC and the LockBit Ransomware Gang

TSMC remains the top supplier of Apple for all chip…

Source…

BlackCat/ALPHV ransomware asks $5 million to unlock Austrian state

May 27, 2022/in Computer Security

BlackCat ransomware gang asks $5 million to unlock Austrian state

Austrian federal state Carinthia has been hit by the BlackCat ransomware gang, also known as ALPHV, who demanded a $5 million to unlock the encrypted computer systems.

The attack occurred on Tuesday and has caused severe operational disruption of government services, as thousands of workstations have allegedly been locked by the threat actor.

Carinthia’s website and email service are currently offline and the administration is unable to issue new passports or traffic fines.

Additionally, the cyberattack also disrupted COVID-19 tests processing and contact tracing done through the region’s administrative offices.

The hackers offered to provide a working decryption tool for $5 million. A spokesperson of the state, Gerd Kurath, told Euractiv that the attacker’s demands will not be met, though.

The press representative further said that there is currently no evidence that BlackCat actually managed to steal any data from the state’s systems and that the plan is to restore the machines from available backups.

Kurath said that of the 3,000 systems affected, the first ones are expected to become available again today.

At the time of writing, BlackCat’s data leak site, where the hackers publish files stolen from victims that did not pay a ransom, does not show any data from Carinthia. This may indicate a recent attack or that negotiations with the victim have not completed.

**Latest victims announced in the ALPHV site**

ALPHV/BlackCat

The ALPHV/BlackCat ransomware gang emerged in November 2021 as one of the more sophisticated ransomware operations. They are a rebrand of the DarkSide/BlackMatter gang responsible for the Colonial Pipeline attack last year.

At the start of 2022, BlackCat affiliates attacked high-profile entities and brands like the Moncler fashion group and the Swissport airline cargo handling services provider.

By the end of the first quarter of the running year, the FBI published a notice warning that BlackCat had breached at least 60 entities worldwide, assuming the status it was anticipated to attain as one of the most active and dangerous ransomware projects out there.

The attack on Carinthia and the large ransom demands show that the threat actor focuses on…

Source…

Top US cyber official asks Americans to look out for Russian hacking efforts

March 27, 2022/in Computer Security

The U.S. government is wary about the possibility of a Russian cyberattack on U.S. critical infrastructure paired with Kremlin attempts to spread disinformation about any incident’s effects to sow panic among Americans, a top U.S. cyber official told CNN.”All businesses, all critical infrastructure owners and operators need to assume that disruptive cyber activity is something that the Russians are thinking about, that are preparing for, that are exploring options, as the President said,” Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), said.”That’s why we are so focused on making sure that everybody understands the potential for this disruptive cyber activity,” Easterly said. “And it’s not about panic. It’s about preparation.”Easterly pointed to the example of a cybercriminal attack on Colonial Pipeline last year, which shut down delivery of fuel to the East Coast for days and led to Americans hoarding gasoline.The Biden administration has for months warned that Moscow could respond to U.S. sanctions over Russia’s invasion of Ukraine with cyberattacks on U.S. infrastructure — or that ransomware gangs like the one that hit Colonial Pipeline could lash out.”The magnitude of Russia’s cyber capacity is fairly consequential and it’s coming,” President Joe Biden told business leaders March 21.Easterly called Biden’s statement, which said Russia was conducting “preparatory activity” for a potential cyberattack, “pretty unprecedented.””I think what makes the moment different is just seeing what the Russians have done with this unprovoked invasion of Ukraine and then understanding there can be some very real consequences of that in cyberspace,” Easterly told CNN.Easterly’s agency, established in 2018, is charged with advising the owners and operators of power plants, manufacturing facilities and other critical infrastructure on how to defend against such threats.Agencies like CISA and the departments of Treasury and Energy have in recent months held cyberthreat briefings on Russian hacking capabilities for America’s biggest banks and electric utilities.Many of those critical infrastructure operators have spent years investing in network…

Source…