Reports on breach for Apple’s biggest manufacturer, Foxconn, reached the public ears on 7th December through a report by the bleeping computer. The attack was executed at a Mexican branch where the attackers stole unencrypted files belonging to the organization before encrypting devices
The attackers are demanding upto $34.2 million in ransom- an equivalent of 1,804.095 Bitcoin. Failure to present the specified amount in 21 days will risk the irreversible removal of the encryption key.
How did Foxconn become a target
Foxconn is the largest electronics manufacturing company in the world and is best recognized for assembling Apple iPhone products. Last year, the company generated a $172 Billion revenue with a market capitalization of $79.64.
Execution of the Attack
It is believed that the first breach into the system was on 29th November at the Foxconn facility located at Ciudad Juárez- Mexico. The breach compromised around 1200-1400 servers, derived from upto 100GB of unencrypted data files, and deleted 20-30 Tb of backed up data.
The website of the attacked facility has since then been down and unavailable for use.
The infamous DoppelPaymers recently published the leaked documents, including standard business reports and documents, but no financial or employee personal information.
In an interview with BleepingComputer, Foxconn confirms that the 29th November attack was aimed at an information system in the US that supports its operations in America. He assures of efforts to investigate the attack and bring the offenders to justice. The current inactive website is thoroughly being investigated and restored in phases.
May this be the new trend
Reports of the Foxconn attack come days after Shirbit, an Israeli insurance company, was attacked an demanded ransom of upto 200BTC. Back in November, another company in Italy- the multinational energy behemoth Enel Group suffered the same fate and was asked to pay $17million worth of Bitcoin. Ransomware attacks seem to be more prevalent today, and major corporations are the key targets.