Hacking attempts and malware attacks are becoming more and more apparent. One kind of malware attack is called ransomware. As the name suggests, ransomware is a form of malware that encrypts the victim’s files. The attacker can then demand a ransom from the victim in exchange for restoring the files. The most popular example of such an attack would be the one that CD Projekt Red faced in February.
Taiwanese electronics company Acer has been the most recent victim of a ransomware attack. Though this is not their first one, it is by far the most expensive one when it comes to the amount of ransom being demanded. The attackers, a group called REvil, demanded a ransom of $50 million. The previous record for Acer was a demand of $30 million. Now that’s a lot of cash.
To prove that they were behind the attack, the group also released some of Acer’s files on their blog. The files included financial reports, bank balances, and bank communications. Acer responded by neither denying nor confirming the attack, merely saying that “Acer routinely monitors its IT systems, and most cyberattacks are well defensed.”
The company additionally stated that “We have been continuously enhancing our cybersecurity infrastructure to protect business continuity and our information integrity”. Upon further inquiry, the company said that an ongoing investigation prevented it from sharing more information “for the sake of security”.
According to sources, the ransomware group had offered Acer a ‘discount’ of 20% if they paid by Wednesday, March 17. They also promised to help Acer with their cybersecurity problem by providing a decryptor and a vulnerability report to prevent the company from falling for this kind of attack in the future. How generous of them.
It has been speculated that these attacks targeted vulnerabilities in Microsoft Exchange Server. This kind of attack is becoming popular with a lot of cybercriminals. Ivan Righi, a Cyber Threat Intelligence Analyst at Digital Shadows, commented on the situation by saying “The REvil ransomware group is known for its high ransom demands, with a recent example being its USD 30 million ransom demanded from Dairy Farm in February 2021. It is not known if any of REvil’s victims have paid these exorbitant ransom demands, although it is unlikely. The large demand suggests that REvil likely exfiltrated information that is highly confidential, or information that could be used to launch cyberattacks on Acer’s customers”.
The group has warned that if the company fails to pay on time, the ransom will double and it will publish all the data it has stolen from Acer. The deadline it gave for payment is March 28.