See No REvil
April 24, 2021 8:33 AM Subscribe
Apple’s Ransomware Mess Is the Future of Online Extortion — This week, hackers stole confidential schematics from a third-party supplier and demanded $50 million not to release them. WIRED, 4/23/2021 [alternate Ars Technica link]: After years of refining their mass data encryption techniques to lock victims out of their own systems, criminal gangs are increasingly focusing on data theft and extortion as the centerpiece of their attacks — and making eye-popping demands in the process. “Our team is negotiating the sale of large quantities of confidential drawings and gigabytes of personal data with several major brands,” REvil [WP] wrote in its post of the stolen data. “We recommend that Apple buy back the available data by May 1.” Related: DOJ Forms Ransomware Task Force as REvil Demands $50M, SDX Central, 4/22/2021.
I don’t like this remake of Ocean’s 11.
posted by Going To Maine at 9:21 AM on April 24, 2021
posted by Going To Maine at 9:21 AM on April 24, 2021
I often wonder how tactics against these groups might quickly, and darkly, evolve once they start seriously targeting global, bajillion-dollar corps (like Apple, among others). You know, pockets so infinitely deep as to make hiring the best mercenaries in the world a mere rounding error in some obscure department budget.
I mean, I can’t see Apple going that way, but I can certainly imagine some other corps opting to get messy. This shit won’t stay in the cloud for long if they start seriously pissing-off the titans.
posted by Thorzdad at 9:30 AM on April 24, 2021 [8 favorites]
I mean, I can’t see Apple going that way, but I can certainly imagine some other corps opting to get messy. This shit won’t stay in the cloud for long if they start seriously pissing-off the titans.
posted by Thorzdad at 9:30 AM on April 24, 2021 [8 favorites]
It's laughable these guys thought disclosing some schematics was worth $50M. What, you think Apple has some super-secret $50M proprietary design for wiring up the pcie bus and charging the battery? Perhaps a scandalous signal integrity issue in the thunderbolt connector?
What's next, some evil villain is going to ransom the structural blueprints for Apple Park?
posted by ryanrs at 9:47 AM on April 24, 2021 [8 favorites]
What's next, some evil villain is going to ransom the structural blueprints for Apple Park?
posted by ryanrs at 9:47 AM on April 24, 2021 [8 favorites]
Most of these ransomware gangs are operating out of Russia, with the tacit backing of the Kremlin, as long as they only target foreigners—the fat/greedy/stupid “amers”, stereotypically—and, when requested, lend their resources to the national interest. Essentially, they're Putin's Privateers.
I saw an estimate that as much as 20% of Russia's GDP these days could be ransomware or similar.
posted by acb at 1:15 PM on April 24, 2021 [2 favorites]
I saw an estimate that as much as 20% of Russia's GDP these days could be ransomware or similar.
posted by acb at 1:15 PM on April 24, 2021 [2 favorites]
I can't see any upside to Apple paying it. There's no guarantee the data hasn't already been passed onto various third parties, especially Russian. Apple's protection here is its manufacturing agreements and ability to spot imitators/counterfeiters a mile away--they'd never be able to manufacture properly in China without having already figured out how to stop unofficial third shifts from knocking out off-brand Apple gear. At worst, there's a marketing cost to secrets leaking, but even then, Apple holds a lot of influence--publish something from the stolen trove, and your outfit is blacklisted by Apple.
I'm thinking of a Coke executive talking to a reporter one time, who was asking about the secret formula. The exec put a blank piece of paper on the desk and said "imagine that's the entire formula right there. You still don't have the manufacturing facilities, the supply agreements, the distribution agreements, the brand recognition, any of that. The formula is worthless to you." Apple's secrecy has been a pose all along, and never the source of its market domination.
posted by fatbird at 1:50 PM on April 24, 2021 [14 favorites]
I'm thinking of a Coke executive talking to a reporter one time, who was asking about the secret formula. The exec put a blank piece of paper on the desk and said "imagine that's the entire formula right there. You still don't have the manufacturing facilities, the supply agreements, the distribution agreements, the brand recognition, any of that. The formula is worthless to you." Apple's secrecy has been a pose all along, and never the source of its market domination.
posted by fatbird at 1:50 PM on April 24, 2021 [14 favorites]
Ha ha ha, imagine trying to sell the stolen MacBook and iMac schematics on the dark web: "yeah you'll be able to clone the entire device, except for the M1 cpu, you'll have to source those on your own".
This scam was 100% dependent on Quanta paying up so REvil doesn't make noise and get Apple mad at Quanta. Quanta didn't bite, so now they're on to Plan B: threaten Quanta's customers. But that's a real weak plan.
posted by ryanrs at 2:57 PM on April 24, 2021 [5 favorites]
This scam was 100% dependent on Quanta paying up so REvil doesn't make noise and get Apple mad at Quanta. Quanta didn't bite, so now they're on to Plan B: threaten Quanta's customers. But that's a real weak plan.
posted by ryanrs at 2:57 PM on April 24, 2021 [5 favorites]
i think it'd be kind of cool if The Kremlin stole apple's intellectual property to be honest. they hustled. they deserve it.
posted by jy4m at 12:28 AM on April 25, 2021
posted by jy4m at 12:28 AM on April 25, 2021
If your supply chain has good reason to have access to your intellectual property, so do your end users. Schematics and specifications should just be available.
One of the things I appreciated most about my Apple ][+ was that the user manuals included complete schematics for the electronics and assembly listings for the onboard system monitor ROM.
If these ransomware chucklefucks do end up spreading Apple's schematics to all and sundry, that's the best possible outcome. Apple should pay them nothing.
posted by flabdablet at 4:15 AM on April 25, 2021 [3 favorites]
One of the things I appreciated most about my Apple ][+ was that the user manuals included complete schematics for the electronics and assembly listings for the onboard system monitor ROM.
If these ransomware chucklefucks do end up spreading Apple's schematics to all and sundry, that's the best possible outcome. Apple should pay them nothing.
posted by flabdablet at 4:15 AM on April 25, 2021 [3 favorites]
I saw an estimate that as much as 20% of Russia's GDP these days could be ransomware or similar.
This suggests the following no doubt highly idiosyncratic and incomplete to the point of being incorrect review of Cold War history:
US and USSR compete for "hearts and minds" / cultural dominance by making their respective halves of Berlin architectural embassadors for their respective political economies. But residents and observers on both sides see the bad as well as the good in both halves, how each fails to live up to their advertised images, and overall it is a draw.
US and USSR compete for military dominance, also come to a draw via Mutually Assured Destruction. Rest of world plus many citizens of each country get really annoyed at the whole irresponsibly putting the whole of humanity in existential danger side effect.
US and USSR compete for political dominance via proxy wars around the world. Turns out the locals were already pretty fed up with colonialism and don't appreciate being pawns in proxy wars. Also a draw.
US and USSR compete for economic dominance, with the military-industrial complex in the US appearing to win the day over the Soviet central planning and spending model, kind of bringing the USSR down via weaknesses in its economic system. USSR collapses, with other countries declaring independence from Russia. US capitalists and Cold Warriors celebrate, seems to be not-a-draw?
After an intermediate period, Russia continues Cold War on same economic turf, pivoting to tearing US down via its own economic system weaknesses. Preliminary results indicate this method is seeing considerable success.
I simultaneously appreciate the irony in this(*) and am really, really tired of this whole Cold War having simply morphed forms/claims that the Cold War ended yet the same politicians keep being in charge and making the decisions based on very similar concerns(**) situation.
(* This sort of ransom attempt couldn't happen without capitalism, which is the main reason why the whole category of proprietary business data exists in the first place. As someone opposed to capitalism, there's definitely an amusing element to reading about this particular constructed category of crime. Although I suspect the victims of this sort of ransomware attack are far more often small time folks for whom the stolen data is their retirement plan, and that giant multinational corporations have more to worry about from more traditional forms of corporate espionage, but also have the resources to mitigate risk in either case, making either situation just a minor business expense.)
(** Very much including Putin here, not at all trying to pull a Greenwald or suggest that the US doesn't have any current cause for worrying about actions of the Russian government.)
posted by eviemath at 7:46 AM on April 25, 2021 [1 favorite]
This suggests the following no doubt highly idiosyncratic and incomplete to the point of being incorrect review of Cold War history:
US and USSR compete for "hearts and minds" / cultural dominance by making their respective halves of Berlin architectural embassadors for their respective political economies. But residents and observers on both sides see the bad as well as the good in both halves, how each fails to live up to their advertised images, and overall it is a draw.
US and USSR compete for military dominance, also come to a draw via Mutually Assured Destruction. Rest of world plus many citizens of each country get really annoyed at the whole irresponsibly putting the whole of humanity in existential danger side effect.
US and USSR compete for political dominance via proxy wars around the world. Turns out the locals were already pretty fed up with colonialism and don't appreciate being pawns in proxy wars. Also a draw.
US and USSR compete for economic dominance, with the military-industrial complex in the US appearing to win the day over the Soviet central planning and spending model, kind of bringing the USSR down via weaknesses in its economic system. USSR collapses, with other countries declaring independence from Russia. US capitalists and Cold Warriors celebrate, seems to be not-a-draw?
After an intermediate period, Russia continues Cold War on same economic turf, pivoting to tearing US down via its own economic system weaknesses. Preliminary results indicate this method is seeing considerable success.
I simultaneously appreciate the irony in this(*) and am really, really tired of this whole Cold War having simply morphed forms/claims that the Cold War ended yet the same politicians keep being in charge and making the decisions based on very similar concerns(**) situation.
(* This sort of ransom attempt couldn't happen without capitalism, which is the main reason why the whole category of proprietary business data exists in the first place. As someone opposed to capitalism, there's definitely an amusing element to reading about this particular constructed category of crime. Although I suspect the victims of this sort of ransomware attack are far more often small time folks for whom the stolen data is their retirement plan, and that giant multinational corporations have more to worry about from more traditional forms of corporate espionage, but also have the resources to mitigate risk in either case, making either situation just a minor business expense.)
(** Very much including Putin here, not at all trying to pull a Greenwald or suggest that the US doesn't have any current cause for worrying about actions of the Russian government.)
posted by eviemath at 7:46 AM on April 25, 2021 [1 favorite]
honestly so far the main leak from this has been "upcoming MacBook Pro seems to have ditched the touch bar and brought back the SD card slot" so if anything it has done Apple a favor in the eyes of the people most likely to care about leaks of upcoming hardware
I think that the Coke formula analogy above is spot-on: the moment of the reveal is fun, but you still need something to reveal in the first place, and that's the main thing that matters here.
posted by DoctorFedora at 8:45 PM on April 25, 2021 [1 favorite]
I think that the Coke formula analogy above is spot-on: the moment of the reveal is fun, but you still need something to reveal in the first place, and that's the main thing that matters here.
posted by DoctorFedora at 8:45 PM on April 25, 2021 [1 favorite]
Hacker Group Mysteriously Removes Stolen Apple Schematics and Extortion Threat From Ransomware Website, MacRumors, Tim Hardwick, April 26, 2021:
posted by cenoxo at 7:57 AM on April 26, 2021 [2 favorites]
A ransomware group that last week stole schematics from Apple supplier Quanta Computer and threatened to release the trove of documents has mysteriously removed all references related to the extortion attempt from its dark web blog, MacRumors can confirm.Top rated comment under this article: "John Wick did his job."
...
Historically, REvil isn't known for bluffing and routinely posts stolen documents if its victims don't pay up, so it's unclear why the group has failed to follow through on this occasion, and Apple has so far not commented on the breach. The group actively continues to extort other companies, so what has prompted it to remove all content linked to the Quanta hack remains unknown.
posted by cenoxo at 7:57 AM on April 26, 2021 [2 favorites]
Doesn't that imply (perhaps falsely) that Apple paid up?
If Apple said "We know you have it. Pound sand, REvil", their best response might be to quietly suggest that they were successful and let others speculate.
posted by fatbird at 4:37 PM on April 26, 2021 [1 favorite]
If Apple said "We know you have it. Pound sand, REvil", their best response might be to quietly suggest that they were successful and let others speculate.
posted by fatbird at 4:37 PM on April 26, 2021 [1 favorite]
They're pulling the ripcord and giving up on this thing, while trying to leave the impression they got paid. The alternative was to watch this high-profile hack just kinda wither up over the course of the news cycle because it doesn't actually affect anything.
Ending it on their terms and crawling away is more clever than just standing around looking stupid, so I'll give them that.
e: see above, heh
posted by ryanrs at 4:38 PM on April 26, 2021 [1 favorite]
Ending it on their terms and crawling away is more clever than just standing around looking stupid, so I'll give them that.
e: see above, heh
posted by ryanrs at 4:38 PM on April 26, 2021 [1 favorite]
« Older a few short happy-ending sf/f stories | Bad software sent UK postal workers to jail Newer »
This thread has been archived and is closed to new comments
posted by NoThisIsPatrick at 8:59 AM on April 24, 2021 [18 favorites]