Let’s talk more extortion around security. It’s clearly a growing trend.
The REvil gang, who attacked Apple’s supplier Quanta and stole data, is upping their threats. After not receiving a ransome payment, they leaked Apple schematics. Now, they have taken those down from the data leak site. This after a private chat between REvil and Quanta started four days ago, and a reduced ransom. It’s now $20 million, down from $50, and comes with a new deadline of May 7. The gang says they will publish drawings “for the new iPad and new apple logos” if they do not receive a response.
Unrelated, the DC Metropolitan Police Department has confirmed a breach. The Babuk ransomware gang has now leaked screenshots of stolen data. The gang stole 250GB of unencrypted files. The gang posted screenshots of the data they stole and has indicated they will start contacting gangs to warn them of police informants if not contacted in 3 days.
Why do we care?
Extortion ware. We’ve moved beyond simple ransoms to full on extortion. These are high profile examples to consider as you think about the consequences. Use these as examples – what would be the worst case scenario if your, or your customer’s, data was in the hands of gangs. What do you not want exposed that would weaken your brand, or your standing, or your intellectual property.
Think like the criminals, because they are out there devising ways to steal your data and then threaten you back.