A subsidiary of semiconductor services company Trio-Tech International, based in Singapore, recently experienced a ransomware attack. The incident, disclosed in a Securities and Exchange Commission (SEC) filing, led to the encryption of several files within the company’s network on March 11.
Immediate Response to the Cyber Attack
Upon detecting the attack, the affected subsidiary swiftly enacted its incident response protocols by taking its systems offline. This quick action was aimed at containing the breach’s impact. Trio-Tech also enlisted the support of external cybersecurity experts to investigate the breach and informed law enforcement agencies about the situation.
The subsidiary is actively working on containing the attack, restoring the compromised systems, and improving surveillance throughout its network. As part of their legal obligations, they are also in the process of notifying all parties impacted by the breach.
Potential Impact and Ongoing Investigation
Initially, Trio-Tech did not view the incident as materially significant. However, the subsequent leak of some stolen data led the company to reassess its stance, now considering it a potentially material cybersecurity event. The full extent of the data affected is still under investigation, as the company continues to work closely with its cyber insurance provider to navigate the situation.
While specifics on the perpetrators remain undisclosed, the Gunra ransomware group has claimed responsibility by listing Trio-Tech on its Tor-based leak site. Trio-Tech has yet to provide further details on the attackers’ assertions.
Business Context and Future Steps
Trio-Tech International, headquartered in California, specializes in semiconductor back-end solutions, offering manufacturing, testing, and distribution services along with industrial electronic equipment. The company operates in several countries, including the United States, China, Malaysia, Singapore, and Thailand.
This incident underscores the persistent threat of ransomware attacks in the industrial sector. As Trio-Tech continues its investigation and remediation efforts, the situation highlights the importance of robust cybersecurity measures and preparedness in mitigating potential disruptions from such attacks.
