Japanese optical technology leader Hoya Corporation recently admitted (PDF) to being affected by an “IT system incident affecting the functional IT systems of our headquarters and several of our business divisions.” However, according to France’s LeMagIT, the incident would be better described as a ransomware attack, with Hoya facing demands for $10 million to unlock encrypted files and for the hackers to keep secret the data stolen during the security breach. Hoya is an essential player in the semiconductor industry as a leader in the development of products for EUV lithography. As a result, its trade secrets could be particularly valuable to rivals or sanctioned nations.
According to reports, the Hoya cyberattack was undertaken by ‘Hunters International.’ This group is thought to have formed after collaborative work between the FBI and law enforcement in Germany and the Netherlands dismantled the notorious ransomware-as-a-service group known as Hive. Despite the evidence, Hunters International denies any affiliation with Hive.
Some of the purported details of the Hunters International ransomware demand are that the group asked for $10 million for a file decryptor. Also, part of the deal would be a pledge by the ransomware group not to release any of the 1.7 million files (2TB of data) that it stole during the hack(s) on Hoya computers.
Interestingly, Hunters International claims to be applying a non-negotiation, no-discount policy to its Hoya data haul. This news morsel again needs a pinch of salt, as neither any ransomware group nor Hoya has released communications to confirm the true nature of the ‘incident’ affecting Hoya’s servers. However, LeMagIT’s screenshots, allegedly taken from “Hunters International infrastructure,” are an obvious smoking gun.
Hoya’s key IT products
- Mask blanks and photomasks for semiconductor manufacturing
- Photomasks for flat panel displays
- Glass disks for hard disk drives
- Optical glass / optical lenses
- Colored glass filters
- Laser equipment / UV light resources
As we mentioned in the intro, this isn’t just commercial and customer data at stake. Hoya Corporation is a pillar of the West’s advanced semiconductor advantage over sanctioned countries like China, Russia, and other despotic nations. Hopefully, action will be taken, and data won’t be sold to or ‘accidentally’ leaked to sanctioned countries.