Reports this week indicate confirmations from contract electronics manufacturer Foxconn that one of its factories in Mexico had fallen prey to a ransomware attack. The factory victim to the cyber criminals is situated in Tijuana, an important supply hub for the US. The extortion group claiming responsibility for the attack were the operators behind the Lockbit 2.0 ransomware.
The Foxconn Baja California, at the border with California, is the production plant affected by the attack which took place late in May. Mainly, it specialises in producing medical devices, consumer electronics, along with industrial operations. However, the company assured that it is slowly going back to ‘normal’ despite the disruptions from the attack.
Reportedly, the Lockbit group even went ahead to post following the attack. In it, they specified how Foxconn has been provided with roughly a fortnight to comply with their demands. In case not followed, the gang would leak ‘all available data,’ that it had successfully acquired from the servers of Foxconn. However, it is still not clear as to what the extortion gang exactly demands from the electronics manufacture.
“THE CYBERSECURITY ATTACK IS ESTIMATED TO HAVE LITTLE IMPACT ON THE GROUP’S OVERALL OPERATIONS. RELEVANT INFORMATION ABOUT THE INCIDENT IS ALSO PROVIDED INSTANTLY TO OUR MANAGEMENT, CLIENTS AND SUPPLIERS.”
Clearly, Foxconn is a significant manufacturing partner to some of large names in the tech industry. Owing to this, it might have hold of third party data on its systems which could be rather valuable and sensitive. Evidently, this could prove to be a greater concern for the company, than the manufacturer’s own records data and proprietary information.
The three factories of Foxconn in Mexico are responsible for the manufacture of electronic devices like LCD TVs, set top boxes, along with smartphones. Moreover, its is one of the important hub for stock going into the USA owing to its border shared with California.
In a statement, the company stated that a cybersecurity team is already in the process of executing a recovery plan as the attack was towards the end of May. Additionally, it stated that things are already, though gradually, going back to normal.
Notably, all of Foxconn’s clients affected by the attacks, along with suppliers and members of the management team are being kept updated about the impact from the attack. It is still unclear if the Lockbit organisation would enjoy any gains from this attack, or if the company has been successful in mitigating the impact of it independently.