A hacker gang has stolen files from a company that manufactures Apple products and is openly trying to extort the tech giant in exchange for not leaking them.
Apple declined to comment on whether it intended to pay. The hackers’ extortion letter to the company remained online Thursday night.
The Taiwanese company that was hacked, Quanta, makes a range of computer products, including the Mac Pro.
The hackers, who posted the extortion letter and three sample technical files to their blog on the dark web, are among more than a dozen prolific cybercrime organizations that in recent years have steadily hacked targets around the world, encrypting victims’ files or threatening to publish them and demanding ransom, usually in bitcoins.
While U.S. law enforcement agencies closely track the hackers behind the ransomware gangs, the organizations tend to operate in countries that don’t extradite to the U.S., particularly Russia, law enforcement agents say, making it essentially impossible to physically stop them unless the hackers travel internationally.
While ransomware attacks have become increasingly common in recent years, the extortion attempt against Apple is the rare case in which a ransomware gang targets and publicly taunts a major American brand. Most gangs either focus on smaller targets and use blogs to increase public pressure on their victims to pay or are “big game hunters” that target larger corporations for huge payouts but don’t publicize the acts, allowing the companies to save face.
The Apple attack is particularly visible as the Biden administration moves to address the proliferation of ransomware. White House officials have said they will announce a comprehensive ransomware strategy in the coming weeks that will focus on bringing international pressure on host countries to stop the gangs, and the Justice Department is reported to have formed a task force to better address the problem.
Paying ransomware is risky, because some victims still do not get their files back. Others acknowledge that they have been hacked and announce that they will not pay, as CD Projekt Red, the creator of the video game Cyberpunk 2077, did in February.
It is unclear how damaging or significant the Quanta files are. A company spokesperson said in a statement that its “information security defense mechanism was activated in no time” and that there was only “a small range of services impacted by the attacks.”
Brett Callow, who tracks ransomware gangs for the cybersecurity firm Emsisoft, said the hackers’ actions give Apple few options.
“I think it entirely depends on the sensitivity of the data that was exfiltrated. If the release of the information could have a significant impact on one of Quanta’s customers’ bottom line, then somebody may be willing to pay to prevent it being released. If not, [the hackers] will likely strike out,” he said.
There is also no guarantee that the hackers will honor their price.
“Apple’s option are pretty simple,” Callow said. “Refuse to pay and strategize how to deal with the information becoming public or pay for a pinky-promise that [the hackers] will destroy the data. But why would they destroy it, especially if it has significant market value?”
Ezra Kaplan contributed.