Ransomware Costs Toshiba 400,000TB of SSD Storage Production

Solved by Sakkura:

Toshiba has denied the story and DRAMeXchange has debunked it.

 

http://www.guru3d.com/news-story/toshiba-victim-of-ransomware-halts-production-of-nand-flash.html

You guys work for Gearbox? There are too many pop-culture references.


2 hours ago, Me1z said:

I'm well aware that we live in an age where hacking is an inevitability and no security is ever 100%, and I wouldn't blame them if they simply experienced a data breach, but of the examples you presented NONE of them were ransomware attacks. Falling victim to ransomware is for the elderly running XP based systems, not manufacturing giants. This could have easily been prevented.

A breach of security is a breach of security; it doesn't matter whether the payload is ransomware or the goal is to steal information/data.


Another excuse for another price increase? Come on, it's 2017, will HDDs die in our lifetime?


8 hours ago, Me1z said:

In response to 1: I suppose this implies the ransomware was introduced to the network via flash drive or some other infected portable storage device? It's a more understandable scenario, but still shocking that it was able to progress to vital production systems.

Unfortunately every computer network is only as protected and secure as the most stupid user on it. You can put protections in place to limit damage and spread but that is mitigation not prevention.

 

Most companies underestimate user education and training, it's extremely rare for a computer system to get breached by an attacker so those days are mostly over except for very rare cases and are undertaken by very skilled people who rely on other factors to gather information about the victim network. Also the skill isn't always in executing the breach it's in finding the vulnerability so you can do it.

 

Social engineering has been the focus for a rather long time now but I have noticed it's starting to swing back towards systems security recently with more internet connected (IoT) devices showing up with glaring security holes in them.

 

On the social engineering topic again it's actually very easy to get users to click on things they shouldn't, I've seen some very well crafted fake invoices sent to finance departments who on a daily basis deal with multiple different companies often ones they have never heard of.

 

One of the best ones I saw was a PDF with a custom font that would never be on a computer that would trigger the PDF reader to prompt to download the font and the URL for this font was a virus/ransomware payload, really easy to just click yes to download it and the PDF reader would just execute it automatically.


7 hours ago, Me1z said:

Falling victim to ransomware is for the elderly running XP based systems, not manufacturing giants. This could have easily been prevented.

Not as easy as you might think, people create new ransom viruses at an alarmingly high rate (more than 1 per day) so Endpoint Protection software like Symantec SEP isn't going to stop it.

 

We take hourly storage array snapshots exactly for this reason, so if a computer gets hit and encrypts a bunch of files on a network share they were connected to, we just revert that volume back to the latest snapshot, which takes less than a minute. As for the computer, that gets taken away and re-imaged. 99.99% of ransomware attacks just aren't newsworthy so you don't hear about them; also, some companies keep it quiet since saying you were a victim often invites more to attack you because it has been successful before.


This could be a targeted attack. I mean, making SSD prices increase is bad for everyone, good for sellers. Hackers would prefer things like faster unbiased internet for everyone, affordable hardware, etc., so whoever did this is probably relevant to the SSD industry.


1 hour ago, leadeater said:

On the social engineering topic again it's actually very easy to get users to click on things they shouldn't, I've seen some very well crafted fake invoices sent to finance departments who on a daily basis deal with multiple different companies often ones they have never heard of.

 

One of the best ones I saw was a PDF with a custom font that would never be on a computer that would trigger the PDF reader to prompt to download the font and the URL for this font was a virus/ransomware payload, really easy to just click yes to download it and the PDF reader would just execute it automatically.

Doesn't help that many people promote not using any AV whatsoever, and just "surf smart".  Not often you see people walking around with their ass hanging out criticizing other people's intelligence; but hey, this be the age of the internets.  And being told not to do something, buy something or invest in something is tempting and easily believed.

Even invoices from unfamiliar "suppliers" is one thing, and can be seen through by people who are on the ball with the goings on in their workplace (granted this is quite dependent on the size of an organization).  I think scarier vectors are ones that masquerade as being from banks.  There are only so many, and it's quite easy to find out who someone, or some institution, banks with.  Then craft the mindfrack accordingly.

 

ugh, sometimes think that people just suck.


16 minutes ago, MoonSpot said:

Doesn't help that many people promote not using any AV whatsoever, and just "surf smart".  Not often you see people walking around with their ass hanging out criticizing other people's intelligence; but hey, this be the age of the internets.  And being told not to do something, buy something or invest in something is tempting and easily believed.

Even invoices from unfamiliar "suppliers" is one thing, and can be seen through by people who are on the ball with the goings on in their workplace (granted this is quite dependent on the size of an organization).  I think scarier vectors are ones that masquerade as being from banks.  There are only so many, and it's quite easy to find out who someone, or some institution, banks with.  Then craft the mindfrack accordingly.

 

ugh, sometimes think that people just suck.

Most dangerous one I've seen, don't like mentioning it but whatever, is job applications. Most organizations require you to submit electronic copies of CVs and other information, in which you can embed Office macros, or the previously mentioned font attacks, basically anything you want. Doesn't matter how fancy a website you put in front of it or whether you just accept by email; not everything can be blocked by virus/malware scanners on upload, and at the end of the day someone actually has to review the job application and accompanying documents to process the application.

 

The easiest and most effective way to annoy a company is through job applications, please don't be assholes with this knowledge.

 

Edit:

This is one of the reasons why companies like to use external job agency companies, outsourcing the risk/screening to someone else so you only get legitimate and verified applications passed on to you.
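An upload-time screen for the macro-bearing CV case described in the post above, as an added example that is not part of any post in this thread. The function names and the sample documents are constructed for illustration; the check classifies by file content rather than by file name.

```python
import io
import zipfile

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls/.ppt container
ZIP_MAGIC = b"PK\x03\x04"                       # OOXML (.docx/.docm/.xlsx/...) container

def triage_upload(data):
    """Classify an uploaded document by content, never by file name.

    Returns (verdict, reasons); verdict is "pass", "quarantine" or "unsupported".
    """
    reasons = []
    if data.startswith(OLE2_MAGIC):
        # Pre-2007 binary format: macro storage is not visible without a full
        # OLE parser, so hold it and ask for a resubmission in another format.
        reasons.append("legacy OLE2 Office file")
    elif data.startswith(ZIP_MAGIC):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as z:
                for name in z.namelist():
                    lower = name.lower()
                    if lower.endswith("vbaproject.bin"):
                        reasons.append("VBA project part: " + name)
                    elif lower == "[content_types].xml":
                        if b"macroenabled" in z.read(name).lower():
                            reasons.append("macro-enabled content type declared")
        except zipfile.BadZipFile:
            reasons.append("damaged zip container")
    else:
        return "unsupported", ["not an Office container; needs a different check"]
    return ("quarantine" if reasons else "pass"), reasons

def build_sample(parts):
    """Constructed test input: an in-memory zip holding the given parts."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, body in parts.items():
            z.writestr(name, body)
    return buf.getvalue()

# Constructed samples (not real documents): same .docx name, different content.
DOCX_TYPES = (b'<Types><Override ContentType="application/vnd.openxmlformats-'
              b'officedocument.wordprocessingml.document.main+xml"/></Types>')
DOCM_TYPES = (b'<Types><Override ContentType="application/vnd.ms-word.'
              b'document.macroEnabled.main+xml"/></Types>')
CLEAN_CV = build_sample({"[Content_Types].xml": DOCX_TYPES,
                         "word/document.xml": b"<w:document/>"})
MACRO_CV = build_sample({"[Content_Types].xml": DOCM_TYPES,
                         "word/document.xml": b"<w:document/>",
                         "word/vbaProject.bin": b"\x00constructed placeholder"})

if __name__ == "__main__":
    for label, blob in [("clean_cv.docx", CLEAN_CV), ("macro_cv.docx", MACRO_CV),
                        ("old_cv.doc", OLE2_MAGIC + b"\x00" * 16),
                        ("cv.pdf", b"%PDF-1.4 constructed")]:
        print(label, triage_upload(blob))
```

A "pass" here only means no macro part was found in an OOXML container; it does not cover the font-download trick or other embedded content mentioned in the thread.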


yay for more shortages! I love when the price per gigabyte goes UP instead of DOWN daily :D  /s


10 hours ago, Siedge said:

I am very curious what the money lost here is for them. I imagine it's very very high.

 

10 hours ago, Orangeator said:

Yeah, millions upon millions just lost.

 

10 hours ago, thorhammerz said:

 

Probably around the $100-$200 million(+) USD ballpark.

 

Taking 400,000,000 GB worth of SSDs, if we assume (quite arbitrarily, someone wanna pull up some hard statistics? xD) the (weighted) average size of SSD sold to be ~250 GB, that's around 1,600,000 products, or some 160 million USD if we assume (arbitrarily again) they receive $100 made off every 250 GB SSD.

 

TL;DR for those who don't like math: brace yourselves, the winter of inflated SSD prices are coming.

 

From what I can find online, so far this year Toshiba has made 43.49B, so if we take the above as true (200 million) that's just 0.460935699% of annual profits.



40 minutes ago, vorticalbox said:

From what I can find online, so far this year Toshiba has made 43.49B, so if we take the above as true (200 million) that's just 0.460935699% of annual profits.

That's total revenue (not profits) including all their product lines (which are likely further compartmentalized into their own sections with their own budgets and whatnot).
 

Net profits per quarter in the 2017 year are closer (if we ignore that huge ~$5 billion legal/tax settlement they had to pay for something) to the $150 to $800 million USD ballpark.

 

Losing $200 million is hardly crippling, but one can reasonably expect prices to spike in the near future when supply drops and/or Toshiba attempts to pass off some of the costs down the supply chain (terminating at the consumer).


12 hours ago, thorhammerz said:

 

Probably around the $100-$200 million(+) USD ballpark.

 

Taking 400,000,000 GB worth of SSDs, if we assume (quite arbitrarily, someone wanna pull up some hard statistics? xD) the (weighted) average size of SSD sold to be ~250 GB, that's around 1,600,000 products, or some 160 million USD if we assume (arbitrarily again) they receive $100 made off every 250 GB SSD.

 

TL;DR for those who don't like math: brace yourselves, the winter of inflated SSD prices are coming.

It's more like a third of that. Given the price of 250GB SSDs, and counting OEM + retail overhead, they likely barely get $30 off those chips.


4 minutes ago, Coaxialgamer said:

It's more like a third of that. Given the price of 250GB SSDs, and counting OEM + retail overhead, they likely barely get $30 off those chips.

I did say (twice) the numbers given were very arbitrary :P. But I do agree, it's probably somewhere in the $25-60 range.


Repost? 

On the other hand, it would really suck to see price increase in SSDs and or RAM though they appear fine where I live. Storage price jump like how it was with HDDs really is bad. Not to mention along current GPU prices. 

Hopefully everything normalizes not far off. 


13 hours ago, Me1z said:

Question 1: Why were computer systems used for production even connected to the internet in the first place?

 

Question 2: Why were such computer systems not backed up regularly to prevent this very scenario?

 

Question 3: What kind of idiots are running the show at Toshiba? For a company so heavily invested in the storage market, this is downright embarrassing. They literally MANUFACTURE storage devices, they could have had a company-wide backup system at minimal cost...

Probably came in off an infected USB drive or someone's phone / whatever.  A lot of times recipes or datalogs are transferred around via plugging in a USB drive, or someone will charge their phone from a bagillion dollar tool.  These machines are typically not exposed to the internet, just local network.

 

Intel too very nearly got shut down by this, but someone essentially pushed the panic button and locked the network down before it could spread, judging by the little info we saw.  Everything was taken offline and patched then.

 

The fix is to have a separate machine that all USB drives have to be scrubbed through before being plugged into a tool.


6 hours ago, raphidy said:

Just waiting for sepuku and people jumping from buildings.

I don't think it will happen since apparently the whole story is fake/made up.  See the pinned reply at the top.


4 minutes ago, MyName13 said:

You mean Sudoku?

no, Subaru


15 hours ago, thorhammerz said:

 

Probably around the $100-$200 million(+) USD ballpark.

 

Taking 400,000,000 GB worth of SSDs, if we assume (quite arbitrarily, someone wanna pull up some hard statistics? xD) the (weighted) average size of SSD sold to be ~250 GB, that's around 1,600,000 products, or some 160 million USD if we assume (arbitrarily again) they receive $100 made off every 250 GB SSD.

 

TL;DR for those who don't like math: brace yourselves, the winter of inflated SSD prices are coming.

probably closer to $40 per unit.


8 hours ago, Sakkura said:

Toshiba has denied the story and DRAMeXchange has debunked it.

 

http://www.guru3d.com/news-story/toshiba-victim-of-ransomware-halts-production-of-nand-flash.html

 

Does that mean you guys don't need a getaway car?  :(


1 hour ago, MyName13 said:

No, did you mean sushi?

No, I mean sapporo

actually nvm this has gone on long enough lol

Looks to me like the story is debunked, but I'm not locking this because we maintain order, not dictate truth.  People can still read and discuss if they feel differently.


1 hour ago, mr moose said:

Does that mean you guys don't need a getaway car?  :(

No millions for you! 
