Supply chains have been taking a lot of heat since the pandemic, with a flurry of incidents showing the fragility of something that many saw as a strength. On another front, supply chain attacks such as SolarWinds have further demonstrated how weak systems can provide open doors for unscrupulous individuals and groups focused on inflicting costly damage to companies well beyond the firm initially breached.
The most recent supply chain-based attack appears to be aimed directly at consumer electronics giant Apple. Allegedly, a hacker group has compromised Taiwanese Apple contractor Quanta Computer Inc.'s network and exfiltrated design files that appear to be tied to the Apple MacBook. Initial reports, including one by Bleeping Computer, show the ransomware hacker group REvil has demanded a $50 million ransom from Quanta, while also asking Apple to pay up.
Quanta has acknowledged a system breach, saying in a statement to Bloomberg, "Quanta Computer's information security team has worked with external IT experts in response to cyberattacks on a small number of Quanta servers. There's no material impact on the company's business operation."
Why is this happening?
Jeff Sizemore, chief governance officer with security software provider Egnyte, tells IndustryWeek that cybercriminals view supply chain attacks as easier access to high-profile intellectual property, as the suppliers tend to be smaller and have a more vulnerable security posture. “Giants like Apple are often thought of as primary targets, but the softer underbelly are their suppliers – attackers can still obtain access to intellectual property by compromising the supply chain rather than Apple itself,” he says. “Apple shares valuable intellectual property down their supply chain to the likes of their manufacturers, and cybercriminals know this. They are increasingly targeting what they believe to be a less fortified system.”
According to Sizemore, the breach is concerning given the secrecy of Apple when it comes to product designs and rollouts. “It’s a disaster for the IT team responsible for file security and protecting data within the organization. Unfortunately, we see far too often that there are methods and tools being employed that don’t meet the security and control needs of an organization. Security is more than a checklist. The best solutions fit in a broader sense of governance but still make it easy to share files with anyone without compromising security and control.”
Righting the ship?
Now is the time to act, and manufacturers need to understand that all content and IP is vulnerable without proper data governance, explains Sizemore. “It's imperative that they protect the data itself and ensure their supplier networks have the appropriate security technologies in place to protect their IP and sensitive data while preventing cyberthreats such as ransomware attacks and data exfiltration attempts,” he says. “Security needs to be viewed as a ‘way of life,’ and not just an item on a checklist. The best solutions cover a broader sense of governance but still make it possible to share files along the supply chain, without compromising security and control.”
Sizemore adds, “The reality is that all content is vulnerable without proper data governance, and it is imperative that organizations protect the data itself, not just the infrastructure that transports it. This type of security incident happens regularly, particularly now that we are all working in such decentralized teams. If secure file collaboration tools are implemented correctly, they can render cybercriminals’ attacks useless. Used in a case like this where the adversaries were able to infiltrate the network and exfiltrate files, the files themselves would be inaccessible to outsiders, and the valuable IP would remain locked away.”
As with most cybersecurity incidents, the story is still unfolding. We will update this post as more information becomes available.