Search This Blog

Powered by Blogger.

Blog Archive

Labels

MSI Acknowledges Security Breach Following Ransomware Attack Allegations

The Money Message ransomware group earlier this week claimed to have infiltrated part of MSI's systems.

 

MSI (short for Micro-Star International), a Taiwanese PC vendor, revealed today that its network had been compromised in a cyberattack in response to claims of a ransomware attack. 

The Money Message ransomware group earlier this week claimed to have infiltrated part of MSI's systems and taken files that will be released online the following week if the business declines to pay a $4 million ransom. 

MSI disclosed that particular sections of its information service systems had been impacted by a cyberattack that had been notified to the appropriate authorities in a Friday filing with Taiwan's Stock Exchange (TWSE), which was first noticed by PCMag. 

"After detecting some information systems being attacked by hackers, MSI's IT department has initiated information security defense mechanisms and recovery procedures. The Company also has reported [sic] the anomaly to the relevant government authorities," MSI stated.

No information was provided by the company regarding the attack's time frame, if any of the compromised systems were encrypted, or whether the attackers stole any client or corporate data as a result of the event. 

Nevertheless, MSI did claim that the cyberattack had no "significant" operational or monetary effects and that security upgrades had been put in place to guarantee the protection of data held on the compromised systems.

"No significant impact on our business in terms of financial and operational currently. The Company is also enhancing the information security control measures of its network and infrastructure to ensure data security," the company added. 

On Friday, MSI also released a statement cautioning users to make sure they only download BIOS and firmware upgrades from legitimate websites. 

"MSI urges users to obtain firmware/BIOS updates only from its official website, and not to use files from sources other than the official website," the company concluded. 

After learning that the organisation may have been involved in the hack of a well-known computer hardware provider, BleepingComputer published the first report on the Money Message ransomware operation's activities last weekend.

In conversations between the ransomware gang and an MSI representative that BleepingComputer was able to observe, the threat actors wanted a $4,000,000 ransom in exchange for access to what they claimed to have stolen from MSI's network, amounting to about 1.5 TB of data.

If MSI doesn't pay the demanded ransom, Money Message now threatens to release the purportedly stolen files sometime next week. The threat actors have added MSI to their list of companies whose data they are leaking, although they have only so far shared screenshots of what they claim are the PC manufacturer's Enterprise Resource Planning (ERP) databases and files with software source code, secret keys, and BIOS firmware.
Share it:

Cyber Attacks

Data Leak

Online Security

Ransomware attack

System Hack