Taiwanese Apple Inc. and Tesla Inc. supplier Delta Electronics Inc. has been struck by a Conti ransomware attack.

The attack took place on Friday, Jan. 21, and affected noncritical information systems. In a statement, Delta said that it had activated information security-related defense mechanisms and contingency operations. As of Saturday, the company said, it was gradually restoring affected systems and there was no significant impact on its operations.

The company added that it had notified law enforcement agencies and hired information systems advisers to investigate the attack and to improve network security.

Delta is a major supplier of power components to both Apple and Tesla and makes a variety of products. Those products include embedded power supplies, cooling fans, electromagnetic interference filters and solenoids. Other products include electric vehicle chargers, industrial automation solutions and data center infrastructure.

Delta didn’t disclose the type of ransomware involved in the attack, but Bleeping Computer reported today that the Conti ransomware gang was behind the attack. The Conti gang is said to have demanded a $15 million ransom payment from Delta and claims to have encrypted 1,500 servers and 12,000 computers out of about 65,000 devices on the company’s network.

Interestingly, Delta also entered into negotiations with the Conti ransomware gang on a possible payment in return for a decryptor and a promise not to leak stolen data.

The Conti ransomware gang first emerged in 2020 and has been linked to a range of attacks. Previous victims include Ireland’s health service, Advantech Co. Ltd, voice-over-internet-protocol hardware and software maker Sangoma Technologies Corp. and hospitals in Florida and Texas.

Conti has also been the subject of two government warnings. The first was by the U.S. Federal Bureau of Investigation in May, followed by a warning from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency in September.

“Cybercriminals continue to target organizations that provide a service or product to larger organizations with the expectation that they cannot suffer downtime due to a ransomware attack and will be inclined to pay up faster,” James McQuiggan, security awareness advocate at security awareness training company KnowBe4 Inc., told SiliconANGLE. “While the attack was substantial, it appears the organization took the necessary actions to protect the critical equipment and systems within their organizations, as it seems that the cybercriminal group targeted corporate systems like their webpage.”

Photo: Delta Electronics Thailand