As a result of a recent hacking attack on Western Digital’s network resources, more than 10 TB of service and user information is said to have been stolen. resource TechCrunch managed to communicate with the alleged organizers of this attack and found out that they are demanding a large ransom from the company for the stolen data and conditional guarantees for further security.
How did the publication find out? TechCrunch, the organizers of the attack on Western Digital’s infrastructure chose the target arbitrarily, not only stealing data, but also retaining access to important information resources. As proof of the success of the attack, the specialists were presented with digital certificates that allow them to sign documents on behalf of Western Digital’s management, as well as official phone numbers of high-ranking employees of the concern. Attempts to reach them were accompanied by the inclusion of an answering machine, which gave the names of company executives identifiable by the hackers. Finally, the attackers showed a screenshot of a service video conference attended by the head of the WDC department responsible for information security. In addition, hackers gained access to certain corporate information systems and data stores.
The perpetrators of the attack did not encrypt the compromised data and are now expecting a one-off ransom in the tens of millions. In exchange for money, they are willing to deny access to Western Digital’s infrastructure and point out weaknesses in the company’s security systems. Of course, if these requirements are not met, the company faces further problems, which can be exacerbated by the victims’ attempts to find and punish the organizers of the attack. If the latter do not receive a ransom by a certain date, the stolen data will be published on the website of one of the hacker groups, with which they themselves have no direct relationship. The organizers of the attack are also reluctant to identify their group in any way. According to them, representatives of Western Digital have so far tried not to contact them. The hackers admitted that they had gained access to a Western Digital account on the Microsoft Azure cloud infrastructure with administrative privileges, as well as internal company resources. Shares of the company fell 2.95% on such news.