Apple’s ransomware mess is the future of online extortion

Aurich Lawson

On the day Apple was set to announce a slew of new products at its Spring Loaded event, a leak appeared from an unexpected quarter. The notorious ransomware gang REvil said they had stolen data and schematics from Apple supplier Quanta Computer about unreleased products and that they would sell the data to the highest bidder if they didn’t get a $50 million payment. As proof, they released a cache of documents about upcoming, unreleased MacBook Pros. They’ve since added iMac schematics to the pile.

The connection to Apple and dramatic timing generated buzz about the attack. But it also reflects the confluence of a number of disturbing trends in ransomware. After years of refining their mass data encryption techniques to lock victims out of their own systems, criminal gangs are increasingly focusing on data theft and extortion as the centerpiece of their attacks—and making eye-popping demands in the process.

“Our team is negotiating the sale of large quantities of confidential drawings and gigabytes of personal data with several major brands,” REvil wrote in its post of the stolen data. “We recommend that Apple buy back the available data by May 1.”

For years, ransomware attacks involved the encryption of a victim’s files and a simple transaction: pay the money, get the decryption key. But some attackers also dabbled in another approach—not only did they encrypt the files, but they stole them first and threatened to leak them, adding additional leverage to ensure payment. Even if victims could recover their affected data from backups, they ran the risk that the attackers would share their secrets with the entire Internet. And in the past couple of years, prominent ransomware gangs like Maze have established the approach. Today incorporating extortion is increasingly the norm. And groups have even taken it a step further, as is the case with REvil and Quanta, focusing completely on data theft and extortion and not bothering to encrypt files at all. They’re thieves, not captors.

“Data encryption is becoming less of a part of ransomware attacks for sure,” says Brett Callow, a threat analyst at the antivirus firm Emsisoft. “In fact ‘ransomware attack’ is probably something of a misnomer now. We’re at a point where the threat actors have realized that the data itself can be used in a myriad of ways.”

In the case of Quanta, attackers likely feel they hit a nerve, because Apple is notoriously secretive about intellectual property and new products in its pipeline. By hitting a vendor downstream in the supply chain, attackers give themselves more options about the companies they can extort. Quanta, for example, also supplies Dell, HP, and other large tech companies, so any breach of Quanta’s customer data would be potentially valuable for attackers. Attackers also may find softer targets when they look to third-party suppliers who may not have as many resources to funnel into cybersecurity.

“Quanta Computer’s information security team has worked with external IT experts in response to cyber attacks on a small number of Quanta servers,” the company said in a statement. It added that it is working with law enforcement and data protection authorities “concerning recent abnormal activities observed. There’s no material impact on the company’s business operation.”

Apple declined to comment.

“A couple of years ago, we didn’t really see much ransomware plus extortion at all, and now there’s an evolution all the way to extortion-only events,” says Jake Williams, founder of the cybersecurity firm Rendition Infosec. “I can tell you as an incident responder that people have gotten better at responding to ransomware events. Organizations I work with are more likely today to be able to recover and avoid paying a ransom with traditional file-encryption techniques.”

The $50 million demand may seem extraordinary, but it also fits in with the recent ransomware trend of “big game” hunting. REvil reportedly put the same sum to Acer in March, and the average ransomware demand reportedly doubled between 2019 and 2020. Large companies have become a more popular target specifically, because they can potentially afford big payouts; it’s a more efficient racket for a criminal group than cobbling smaller payments together from more victims. And attackers have already been experimenting with strategies to put pressure on extortion victims, like contacting individuals or businesses whose data might be impacted by a breach and telling them to encourage a target to pay. Just this week, one ransomware group threatened to feed information to short sellers of publicly traded companies.

A company like Apple would presumably take the threat of leaking intellectual property seriously. But other organizations, especially those that hold regulated personal data from customers, have even more incentive to pay if they think it will help cover up an incident. A seven-figure ransom might seem appealing if disclosing a breach might result in $2 million of regulatory fines under laws like Europe’s GDPR or California’s Consumer Privacy Act.

“Even if Apple specifically would pay or compel payment through Quanta now, that doesn’t necessarily make it a reliable, repeatable model for attackers,” Williams says. “But there’s a very large number of organizations that have regulated data, and the cost of their potential fines is fairly predictable, so that may be more reliable and the thing defenders should worry about.”

The potential for extortion attacks against supply chain vendors magnifies every company’s risks. And given that organizations have historically often paid ransoms in secret, a force that may push even more transactions in that direction will only increase the challenge of getting a handle on ransomware gangs. The Justice Department said on Wednesday that it is launching a national task force aimed at addressing the ever-rising threat of ransomware.

Given how aggressively ransomware has evolved—and on an international scale—they’ll have their hands more than full.

This story originally appeared on wired.com.

Replicated: Demand for on-premises software equally as strong as SaaS

While there is a strong demand for cloud applications and software-as-a-service, security, regulatory, and compliance requirements continue to drive demand for on-premises software. In a new Dimensional Research report, 92% of companies said on-premises software was growing. The report, sponsored by Replicated, a software delivery and management company, found that current customer demand for on-premises software was equal to that of public cloud.

Above: Customer demand for on-premises software delivery isn’t slowing down anytime soon.

While it may be popular to believe that “cloud is king” and SaaS is the best and most in-demand modern enterprise software, data shows that demand for on-premises software is equally as strong. It’s the smart choice for customers operating under security, regulatory, and compliance requirements; many organizations cannot allow their customer data to be shared in multi-tenant environments. Additionally, software companies that do not currently provide an on-premises solution to customers leave money on the table and miss a significant business and competitive opportunity.

This new report from Dimensional Research, sponsored by Replicated, highlights the missed business opportunities for software vendors who are not offering an on-premises version. The report provides detailed insights around the current use, need, and challenges for on-premises software and its installation, configuration and management. This report also takes a closer look at the parallel rise in the adoption of container-based applications and the use of Kubernetes.

Perhaps the most important findings are that 92% of surveyed participants reported their on-premises software sales as growing, and that on-premises solutions are equally as popular as their public cloud alternatives. This directly counters the popular narrative that SaaS has overtaken on-premises software delivery, as security and data protection stay top of mind for enterprise software customers.

The survey from Dimensional Research includes feedback from 405 business and technology professionals at executive and manager seniority levels, representing software companies of all sizes around the world across a wide variety of different industries.

Read the full report from Replicated

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Roblox hits Q1 bookings of $652.3 million, up 161%, in first report as public company

Roblox, the platform for Lego-like user-generated games, reported its earnings for the first time as a publicly traded company. This met analysts’ expectations. Bookings for the first quarter ended March 31 were $652.3 million, up 161% from the same quarter a year ago.

Roblox has done well among its target audience of children and teens during the pandemic, as players turned to it for remote, socially distanced play with their friends at a time when they couldn’t meet in-person.

Roblox previously raised $520 million at a $29.5 billion valuation in a financing round ahead of its direct listing on the New York Stock Exchange as a public company. It opened on March 10 at a valuation of $41.9 billion a share and has hovered around that value. Investors greeted the results positively, with Roblox trading up 5% at $67.18 a share in after-hours trading.

Q1 results

Analysts expected a loss of 21 cents a share on bookings of $568.6 million. Most video game companies emphasize non-GAAP bookings, or the total value of virtual currency purchases by players during the quarter, instead of revenues, which under accounting rules are limited to those purchases that are expected to be fully resolved within a certain time period. For instance, a player may buy Robux currency in the first quarter, but spend it over 10 months. That revenue has to be recognized over time, as it is spent inside the platform’s games.

Roblox’s quarterly revenue came in at $387 million, up 140% from a year earlier. The GAAP net loss for the quarter was $134.2 million. But operating cash flow was positive, which means cash is coming into the business, said chief business officer Craig Donato in an interview with GamesBeat.

“We had a strong quarter in terms of bookings, revenue, and operating cash flow, and more important, in terms of daily active user growth and time spent by players,” Donato said.

Roblox gets a 30% cut from the bookings generated by sales of Robux, the virtual currency used by players to play user-generated games. The company’s bookings for 2020 were $1.9 billion, double what they were the year before. Roblox’s games have become so popular that people have played the best ones billions of times. On average, 32.6 million people come to Roblox every day. More than 1.25 million creators have made money in Roblox. In the year ended December 31, 2020, users spent 30.6 billion hours engaged on the platform, an average of 2.6 hours per daily active user each day.

Above: Roblox’s user-generated game characters.

Image Credit: Roblox

Net cash provided by operating activities increased nearly four times in Q1 2021 over Q1 2020 to $164.5 million (including one-time direct listing expenses of $51.9 million). Exclusive of one-time expenses related to the direct listing, net cash provided by operating activities would have been $216.4 million.

Free cash flow increased 4.1 times over Q1 2020 to $142.1 million. Average daily active users (DAUs) were 42.1 million, an increase of 79% year over year driven by 87% growth in DAUs outside of the U.S. and Canada and 111% growth in DAUs over the age of 13.

Hours engaged were 9.7 billion, an increase of 98% year over year primarily driven by 104% growth in engagement in markets outside of the U.S. and Canada, and 128% growth from users over the age of 13. Average bookings per DAU (ABPDAU) was $15.48, an increase of 46% year over year.

April results

Roblox is not making a forecast about how its upcoming quarter is expected to go. Instead, it is disclosing the actual results for the month of April, which is part of the second quarter.

For the month of April alone, daily active users were 43.3 million, up 37% from April of last year and up sequentially from 42.3 million in the month of March 2021. Hours engaged in April were 3.2 billion, up 18% year over year and flat sequentially from March 2021.

Bookings were between $242 million and $245 million, up 59% to 61% year over year and up sequentially 7% to 9% from March 2021 when bookings were $225.3 million.

Average bookings per DAU were between $5.59 and $5.66, up 16% to 17% year over year and 5% to 6% sequentially from March 2021. April revenue was $143 million to $145 million, up 136% to 140% year over year and 5% to 7% sequentially from March 2021.

“Our first quarter 2021 results enabled us to continue investing aggressively in the key areas that we believe will drive long term growth and value, specifically hiring talented engineering and product professionals and growing the earnings for our developer community,” said Michael Guthrie, chief financial officer of Roblox, in a statement. “We believe we must continue to innovate and so remain focused on building great technology to make progress on our key growth vectors, primarily international expansion and expanding the age demographic of our users.”

The company closed the March quarter with 1,054 employees, up from 651 a year earlier.

GamesBeat

GamesBeat’s creed when covering the game industry is “where passion meets business.” What does this mean? We want to tell you how the news matters to you — not just as a decision-maker at a game studio, but also as a fan of games. Whether you read our articles, listen to our podcasts, or watch our videos, GamesBeat will help you learn about the industry and enjoy engaging with it.

How will you do that? Membership includes access to:

  • Newsletters, such as DeanBeat
  • The wonderful, educational, and fun speakers at our events
  • Networking opportunities
  • Special members-only interviews, chats, and “open office” events with GamesBeat staff
  • Chatting with community members, GamesBeat staff, and other guests in our Discord
  • And maybe even a fun prize or two
  • Introductions to like-minded parties

IronSource’s Supersonic launches LiveGames publishing service for indies

Mobile monetization firm IronSource said its Supersonic Studios division has launched LiveGames, a self-service way for indie game developers to manage mobile games and their live services (such as tournaments or updates).

This is for the Supersonic publishing solution, which IronSource launched more than a year ago. The announcement comes after it announced that it plans to go public via a special purpose acquisition company (SPAC) at an $11.1 billion valuation.

The product offers developers who publish their mobile games with Supersonic access to game management and full visibility and transparency into in-game metrics that enable them to better manage and grow their published games.

Nadav Ashkenazy, the general manager of Supersonic Studios, said in an interview with GamesBeat that the goal is to make publishing tools accessible to indie developers so they can get their games off the ground. It helps with the “growth loop,” after a game reaches a large scale and then needs attention in terms of improving numbers, such as the average playtime per user.

“After you scale a game globally, everything gets more complicated,” Ashkenazy said. “For average playtime per user, we give you a snapshot for that.”

The idea is to support developers as independent companies by productizing what is otherwise a manual process. It also adds some important transparency for developers that they normally can’t get out of game publishers, said Omer Kaplan, the chief revenue officer at IronSource, in an interview with GamesBeat.

“Historically, publishing is a black box,” Kaplan said. “A developer’s game meets retention goals. Then a publisher handles growth and gives a revenue share. We make everything transparent. We have complete transparency for the developers using our publishing solution on the IronSource platform.”

Several rival products in the market help developers test the performance and marketability of their prototypes, with IronSource launching its self-serve testing product for Supersonic developers in 2020. However, one of the biggest challenges comes once a game has been published, since many of the insights relating to a game and its performance are not commonly visible to the developer, limiting the ability to understand, test, iterate and improve for the long term.

Above: IronSource’s LiveGames helps studios manage their game data.

Image Credit: IronSource

With Supersonic, IronSource has focused on helping game companies become better developers, rather than treat each game as a standalone unit.

Through LiveGames, developers will have access to data such as daily, monthly, and annual profit for each of their published games; advanced analytics including retention, playtime, lifetime value, and ad engagement for each region and user acquisition channel; rewarded video and interstitial ad analysis; and advanced analytics from A/B tests for test comparison.

Stan Mettra, the CEO of game studio Born2play, is using LiveGames with the game StackyDash. He said in a statement this is the first time the company has so many insights into the performance of the game. That helps take away blind spots and helps the company take steps to increase revenue. About 25 studios used the LiveGames service in alpha testing and they’re now ready to start using the product.

“We’re encouraging the developers to remain independent,” Kaplan said.

Tel Aviv, Israel-based IronSource has previously said it would raise $2.3 billion in cash proceeds for both shareholders and the company itself through the transactions, which include both the proceeds from the SPAC (a faster way of going public compared to an initial public offering) and an additional private investment known as a PIPE, or private investment in a public equity. SPACs have become a popular way for fast-moving companies to go public without all the hassle of a traditional IPO. Regulators have come up with more rules to govern SPACs, but the idea is to raise money faster.

IronSource said it recorded 2020 revenue of $332 million and adjusted earnings before interest, taxes, depreciation, and amortization (EBITDA) of $104 million. IronSource said its monetization platform is designed to enable any app or game developer to turn their app into a scalable, successful business by helping them to monetize and analyze their app and grow and engage their users through multiple channels, including unique on-device distribution through partnerships with telecom operators such as Orange and device makers such as Samsung.

In 2020, IronSource said 94% of its revenues came from 291 customers with more than $100,000 of annual revenue, a dollar-based net expansion rate of 149%.
