Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security Technology

Motherboard Vendor GIGABYTE Hit By RansomExx Ransomware Gang (therecord.media) 34

Taiwanese computer hardware vendor GIGABYTE has suffered a ransomware attack, and hackers are currently threatening to release more than 112 GB of business data on the dark web unless the company agrees to their ransom demands. An anonymous reader shares a report: The Taiwanese company, primarily known for its high-performance motherboards, confirmed the attack in a phone call and in a message on its (now-down) Taiwanese website. A spokesperson said the incident did not impact production systems. Only a few internal servers at its Taiwanese headquarters have been affected and have now been taken down and isolated. The company is currently in the process of investigating how the hackers breached its systems, stole files, and encrypted local copies. Local law enforcement has also been notified.
This discussion has been archived. No new comments can be posted.

Motherboard Vendor GIGABYTE Hit By RansomExx Ransomware Gang

Comments Filter:
  • by jmccue ( 834797 ) on Friday August 06, 2021 @10:37AM (#61663849) Homepage

    If you do business on the Internet these orgs need to learn security is required, that means hiring knowledgeable people and implement what they suggest.

    All to often when some security suggestion is turned on, if a high level executive does not like it because it makes them have to do something, it is disabled. I have seen this often many times.

    Most people look at security as a drain on the bottom line and/or as something that only gets in the way of performing their tasks.

    • by battingly ( 5065477 ) on Friday August 06, 2021 @10:50AM (#61663913)
      No, that's not the lesson that companies are learning. They are learning that it's cheaper to run the risk and pay the ransom than it is to implement robust security.
    • by TechyImmigrant ( 175943 ) on Friday August 06, 2021 @11:07AM (#61663965) Homepage Journal

      >If you do business on the Internet these orgs need to learn security is required, that means hiring knowledgeable people and implement what they suggest.

      I think that's a hard step, even if you manage to make the decision to take it. Arguably I am one of those knowledgeable people, I work in a big techy corporation doing interesting security work. Compared to the numbers of vulnerable companies out there, there simply are not enough of us to go around and being the lone security guy in a cheese factory isn't a career that appeals to me.

      Getting organizational security right involves thinking deeply about the behavior of people and what will work, what will annoy, what will be effective in the presence of those users. Even the security-capable companies haven't managed that yet for themselves. So what hope for everyone else?

      My wife had a yarn store, the sort that knitters go to (currently morphed into a wholesale business). It may have been the most information-secure yarn store since I helped out with that, wrote the PoS and handled the PCI-DSS side. For example, one simple workaround for the complexity of handling stored credit card data was we did not store it on computers. It went in a had-written book in a locked place. When orders came in for customers wanting the convenience of us holding their credit card numbers, the book was consulted and the order fulfilled. We could have had the computers wiped and be up and running in an hour. Fresh images, pull the code (all python) from backup, pull the PoS database backup (daily db backups, per-transaction logs to cloud storage intra day). The hour being the time to re-install Linux on a couple of machines. Installing the code and db backups was a script that took less than a minute.

      None of this was complicated, but I don't know of other small scale retail businesses that work that way. They spend money on quickbooks or swype or square retail solutions and then complain about how bad it is.

      However, even with all that, the security of web sales were at the mercy of the online platform. Fortunately, knitters don't do a whole lot of web shopping for yarn and tools. They want to feel it in their hands before buying.

      I imaging Gigabyte's 11GB of data is very boring and won't be slightly interesting. They'll be back up and running, won't pay the ransom and the data will be worthless.

      • > They spend money on quickbooks or swype or square retail solutions and then complain about how bad it is.

        Don't worry, instead of complaining about her retail solution, your wife complains about you.

        • > They spend money on quickbooks or swype or square retail solutions and then complain about how bad it is.

          Don't worry, instead of complaining about her retail solution, your wife complains about you.

          But she's stuck with me for tech support.

    • Looks like they did an ok job. They are still running it looks like and all the hackers got was probably sales data. Uncomfortable for gigabyte, but they look to have isolated production from marketing or sales or whatever got hacked.
    • ...or as something that only gets in the way of performing their tasks.

      And why do you think password managers were invented if security wasn't getting the way?

    • Probably cheaper to just buy ransomware insurance. What's the likely monthly premium? Maybe 1 or 2 grand? Compared to the taxes, salary, and other expenses associated with hiring someone competent, it's probably a no-brainer for the beancounters and managers who are only concerned about their quarterly bonuses and don't care if they have to burn down the entire company to get it.

    • If you do business on the Internet these orgs need to learn security is required

      - You're talking about a motherboard manufacturer which can't even write a UEFI boot code that works with Windows 10 USB installs. Though after 15 BIOS updates they did eventually release on which worked.
      - You're talking about a motherboard company whose RGB software came with a system service called killcheck.exe which (and I'm not joking in the slightest) only exists to see if the actual RGB software has crashed so it can restart it. Though in fairness they fixed this recently... but the new version
      - Thei

      • I always used Gigabyte mobos, since the 1990s and never had a problem. My last build was based on an ASUS simply because it was the only board I could find that had the video outs I needed. Maybe their website had a SQL injection vulnerability but their mobos are excellent.
        • So do I. I've always had Gigabyte motherboards. The hardware on them is generally well designed, and I will continue to buy them. They just can't code software / firmware though to save themselves.

          Hardware wise the only time they've ever really erred which I can remember was with the lower end X470 boards which inexplicably do not include anything remotely resembling a heatsink on the power stage. I was unfortunate enough to have had one of those. The VRMs reached 110C on a *non-overclocked* 2700x which is

  • by Gravis Zero ( 934156 ) on Friday August 06, 2021 @11:42AM (#61664105)

    If these criminals were any good at programming and crime then they could have infected millions of motherboards firmwares, waited and then execute the largest ransomware attack of all time. *Sigh* I suppose nobody ever accused criminals of being too intelligent.

    • If these criminals were any good at programming and crime then they could have infected millions of motherboards firmwares, waited and then execute the largest ransomware attack of all time. *Sigh* I suppose nobody ever accused criminals of being too intelligent.

      That may have accidentally made Gigabyte's firmware functional and we can't have that. *stares awkwardly at the BIOS select switch in the secondary position even though the system is booting from primary because their code inexplicably got confused and has now suddenly reversed this switch*.

      • I recently got a bricked Gigabyte board where the owner had just flashed to the latest firmware. The dual-boot feature did not work, so I had to desolder and switch the BIOS chips to get it running. I found out that the firmware the company had on their website was for the wrong motherboard, so if I had flashed to the latest version, it would brick the board again with no way to recover.

        Seriously, how does a company put two BIOS chips on their motherboards and still fail at redundancy, and not have any sa

        • Seriously, how does a company put two BIOS chips on their motherboards and still fail at redundancy

          I had (past tense) a Gigabyte X470 Ultra Gaming. It had dual BIOS. My primary got corrupted due to a UEFI bug that gets triggered when running Ryzen master, so the system booted from the secondary. No problem we can just flash the... wait... no we can only flash the secondary. On their cheaper boards if the primary dies that's it. It'll attempt to boot from it 3 times and then switch to the secondary on every boot. No option to flash the primary*.

          I RMAd the board and bought an X470 Wifi 7, that at least has

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (10) Sorry, but that's too useful.

Working...