Going public with the demands is a risky strategy, as now Apple’s response will be publicly known.
If they pay the ransom, it sends a message to everyone with access to confidential Apple manufacturing materials that they are sitting on millions of dollars of ransom material.
I would guess that Apple will refuse to engage in order to avoid incentivizing everyone in their manufacturing chain to try the same stunt. Instead, they’ll go to great lengths to investigate the leak and punish the manufacturer responsible for leaking the material.
Schematics don’t hold an exceptionally high value given that they could be reverse engineered from the product by sufficiently funded individuals. However, it would represent a leak of the details of upcoming products, which is something Apple goes to great lengths to avoid.
Why would these schematics hold such a high value? Apple will do a new generation of laptops, maybe they'll modify the form factor a little bit, maybe they'll update some internal components, new processor. Who could benefit from knowing the exact changes, why would Apple care (millions-of-dollars-care) if they are leaked a few months in advance?
I would expect the impact to be small -- Apple releases new hardware on a very predictable schedule, and this kind of news is a bit esoteric to influence the casual buyer.
I think they're mainly betting on Apple wanting to keep the designs a secret until they are ready to reveal them. There have been numerous iPhone design leaks beforehand. I don't believe it actually impacted sales or reputation in any way, but Apple is still being secretive about it.
Perhaps other laptop manufacturers would be interested in knowing how Apple's future machines are built, to give them a competitive edge. I could imagine accessory and case manufacturers would be keen to know about the form factor of future MacBooks. There's also a large ecosystem of Apple news sites that would probably pay for the scoop.
> I could imagine accessory and case manufacturers would be keen to know [...] There's also a large ecosystem of Apple news sites that would probably pay [...]
The article says, "the group is demanding that Apple pay an undisclosed ransom for the images/schematics they obtained via the supplier by May 1 [...] Until then, the hackers will continue to post new files every day, REvil said on its blog."
The target is only Apple itself, the random group does not accept third-party payment and will make all information public if it's not paid. So I don't think the group wants to sell the information to accessory manufacturers or Apple news sites.
In my opinion it isn't worth the ransom price at all. I don't see anything unusual in the schematics - it just looks like one of those laptop schematics online that would definitely leak from the OEM within a year after the machine is released and it would be used by all repair technicians all over the world.
The author of this Ransomware [0] scrounged through the trash heaps and smoked cigarette butts. He walked 10 km one way to the school. He wore the same clothes for six months. In his youth, in a communal apartment, he didn’t eat for two or even three days.
By the way, the guy donates money to open source projects.
Netflix is probably interested in his story. He is like a digital version of Pablo Escobar.
These documents appear to be just PDF schematics and electrical specifications, not even the real files that can be opened by Cadence OrCAD or Allegro; anybody making a minimum wage in Quanta's production line has access to some of those files. If you are patient it is quite trivial to accumulate those documents, and the tactic is quite lame.
As someone who has audited Quanta in my previous jobs, I am constantly being surprised that these documents are leaked so infrequently. A "Project" in Quanta starts with the customer sending in their schematics and mechanical drawings to the Quanta "R&D" engineers so they could redraw them to enable production in Quanta, aka EVT; then it is DVT for multi-sourcing of components and compatibility and EMC compliance, then it is PVT. Engineers usually transform the documents to PDF files and upload them to the company's document center; production line operators will download those PDF files and copy them here and there, maybe even with a USB thumb drive to copy them to a production station running Windows 98 and Adobe Reader with no network access. The factories get so many projects that the leaked document may be for a product that already died in EVT.
It is also amazing to me that those PDF iPhone schematics always leak to the 3rd party repairman some time after it is announced; apparently there is an invisible food chain. But for this one, REvil is simply trying to brand themselves instead of the ransom.
No kidding --- the vast majority of third-party repair information is available only because of lax security, and it's far more detailed than what the companies will ever willingly release.
Laptop schematics are still relatively easy to find these days, but unfortunately the search results are flooded with people trying to sell them; they used to be even more freely available several years ago. (Google tends to want to ignore the word "schematic" in a search query, unless it is in quotes. Make of that what you will...)
I downloaded the files myself, there is extensive and definitely legit electrical documentation with several pages on MagSafe and SD connectors, as well as references to projects called Monaco, Viper, and Iceman.
[0] https://therecord.media/i-scrounged-through-the-trash-heaps-...