Taiwanese tech giant Acer is the latest company to fall victim to relentless hackers. What makes the Acer breach especially noteworthy is that the group behind the attack is demanding a fifty-million-dollar ransom, the highest figure any group has ever demanded. The only thing that even comes close was another REvil attack, this one against a Dairy Farm, where the hackers demanded a hefty thirty-million-dollar ransom.

The company was struck with the REvil ransomware. As is increasingly common in these types of attacks, the group made off with a wide range of sensitive company data before encrypting the company's files. As proof of their misdeeds, they published a small fraction of it and threatened to release the rest if their demands aren't met. Based on the sample, it appears that the group made off with a variety of financial spreadsheets, bank balance information and assorted banking communications.

Beyond the sheer size of the ransom, the attack is notable because the group behind it seems to have exploited recently reported Microsoft Exchange Server vulnerabilities to breach Acer's defenses. If this proves to be the case, it marks the first time one of the "big game-hunting" ransomware groups has utilized that particular exploit.

Acer's formal response to the incident, which is still under investigation, reads as follows:

"Acer routinely monitors its IT systems, and most cyberattacks are well defensed. Companies like us are constantly under attack, and we have reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries.

We have been continuously enhancing our cybersecurity infrastructure to protect business continuity and our information integrity. We urge all companies and organizations to adhere to cyber security disciplines and best practices, and be vigilant to any network activity abnormalities."

Dark days for Acer, and it should put everyone in the IT field on notice. No one is safe.

About the Author

Marty Parker
Owner & General Manager

Marty is the Owner and General Manager of Heritage Digital. Marty has managed and built high-performing IT teams for over 30 years. He served 13 years in the manufacturing industry and 13 years in corporate-owned healthcare organizations. Before acquiring Heritage Digital, Marty was the Chief Information Officer of Carolinas Hospital System (now MUSC Health Florence Medical Center) in Florence, SC. Marty is passionate about educating and protecting people against cybercriminals.

Used with permission from Article Aggregator