MSI Advises Customers to Be Wary of Downloads
Hardware manufacturer MSI recently experienced a cyber attack, prompting the company to issue a statement advising customers to download BIOS and firmware updates solely from their official website. Unfortunately, it remains unknown which data the attackers were able to access.
MSI Acknowledges Attack but Provides Few Details
MSI admits to the attack but it has not released many details regarding how the attack was carried out or which vector the criminals used to gain access. The company has also not revealed the extent of the breach or what data the attackers had access to. MSI does note that the issue has been resolved and day-to-day business has not been impacted.
MSI Recommends Downloading Only from Official Website
The hardware manufacturer is recommending that its customers download updates from the official MSI website exclusively for security reasons since the attackers claim to have copied a framework for developing BIOS modules, among other things. This framework may be employed by the attackers to create BIOS updates that contain malicious code.
Ransomware Group Money Message Suspected in Attack
Reports suggest that the ransomware gang, Money Message, is the likely attacker. The ransom demand is thought to be $4 million and the attackers are believed to have copied an immense amount of data, 1.5 terabytes to be exact. This data reportedly includes BIOS files, the Enterprise Resource Planning (ERP) database, private keys, and source code, among other things. However, whether the extortionists are truly in possession of this information remains to be confirmed. In any event, the cybercriminals are threatening to release this data next week if MSI does not pay the ransom.
In conclusion, this incident shows the importance of remaining vigilant in regards to cyber threats. Regardless of how the attackers gained access or what data they were able to collect, MSI’s advice to only download updates directly from their official website is a wise move. As cyber attacks continue to be a threat to businesses across all industries, it’s imperative for companies to take the necessary steps to improve their cybersecurity defenses.
