MSI confirms cyberattack, doesn't say it was ransomware
The company now recommends getting firmware only from official sourcesBy Alfonso Maruccia
The big picture: Even if ransomware isn't the scourge it once was, big companies and organizations are still dealing with file-encrypting attacks on a regular basis. MSI was recently caught in this crypto-net, though the corporation merely confirmed a generic attack glossing over the details.
MSI was recently affected by a cyberattack against some of its systems, with the Taiwanese company confirming the attack after detecting some "network anomalies." The attack was likely executed by a well-known ransomware gang, but MSI doesn't seem interested in paying the ransom asked by the cyber-criminals to stop the stolen files release.
Last week, the "Money Message" ransomware group stated they had successfully attacked some of MSI's systems, stealing around 1.5 terabytes of data. The cyber-criminals demanded MSI pay a $4 million ransom, threatening to release the stolen files otherwise.
Money Message apparently got a trove of extremely sensitive files, including private communications, source code, and even the framework used by MSI for its motherboard firmware. Having this kind of data shared on a public forum could obviously become a security and PR nightmare for MSI, even though the Taiwanese company hasn't confirmed that there is a ransomware operation behind the attack.
MSI simply stated that after detecting the network anomalies, the company's IT department promptly activated "relevant defense mechanisms and carried out recovery measures," and reported the incident to government law enforcement agencies and cybersecurity units. The affected systems have resumed normal operations, MSI said, and there will be no significant impact on its financial business.
The company also said it is committed to protecting the privacy of data belonging to "consumers, employees, and partners," and that it will continue to "strengthen" its cyber-defenses to maintain business continuity and network security in the future.
MSI also urged customers to get their BIOS and firmware updates exclusively from the company's official website, avoiding downloads from unknown or sketchy sources. This is pretty basic advice when it comes to proper internet security, and it would be rather pointless for users to search for modded or unofficial - yet perfectly safe - firmware dumps.