Delta Electronics, a Taiwanese electronics company and a provider for Apple, Tesla, HP, and Dell, disclosed that it was the victim of a cyberattack discovered on Friday morning.
In a statement shared on January 22, 2022, the company said the incident impacted only non-critical systems, which had no significant impact on its operations. AdvIntel “Andariel” platform detected the attack on January 18.
Delta is now working on restoring systems taken down during the attack and says it hired the services of third-party security experts to help with the investigation and recovery process.
The electronics provider also said it notified government law enforcement agencies to assist with the follow-up investigation.
$15 million ransom for decrypting thousands of devices
According to negotiations between Conti and Delta (also seen by BleepingComputer), the Conti operators claim to have encrypted 1,500 servers and 12,000 computers out of roughly 65,000 devices on Delta’s network.
The Conti ransomware gang asked Delta to pay a $15 million ransom for a decryptor and stop leaking files stolen from its network. Also promised a discount if the company would pay quickly.
While Delta is still reportedly working with Trend and Microsoft’s security teams to investigate the incident and claims that its production has not been affected, its website is still down one week after the attack.
“The Conti ransomware group revealed a specific pattern part of the Delta attack leveraging Cobalt Strike with Atera for persistence as revealed by our platform adversarial visibility. Certainly, this attack is reminiscent of the REvil Quanta one affecting one of the Apple suppliers,” Vitali Kremez, CEO of AdvIntel, told BleepingComputer.
The ransomware gang’s operators have breached other high-profile orgs in the past, including Ireland’s Department of Health (DoH) and Health Service Executive (HSE), and the RR Donnelly (RRD) marketing giant.
A Delta Electronics spokesperson was not available for comment when contacted by BleepingComputer earlier today.