A Chinese assembler working for Apple was the target of cyberattacks in December, with the event potentially causing product line details to be leaked to attackers.

Apple's massive supply chain is a prime target for hackers keen to either steal information or to earn a ransom from disrupting production. One such attack has come to light in China.

An unnamed assembler in China was the target of a sophisticated cyberattack in the middle of December, reports DigiTimes. The identity of the assembler is not known, but it could be one of the numerous companies Apple works with, like Foxconn, Wistron, and Pegatron.

The impact of the attack has also not been revealed in the report, except that it could've potentially compromised some production-line information. This could mean anything from iPhone product details being seized to methods of manufacturing, but the details won't be fully known unless a public disclosure of the attack is made.

While the attack targeted an assembler at Apple, the report alleges that the attack may have had some supply chain impact. The report claims that clients of the assembler are concerned about cybersecurity risks and supply stability at the company.

A massive target

While many of the details of the alleged hack are still unknown, it's unsurprising for Apple's supply chain to be targeted in such a fashion, and for a variety of reasons. An attack on Apple's supply chain infrastructure could mean that production has to be stopped and fixed before resuming, affecting Apple product supplies.

There is also the possibility of attacks being used to gather information about how Apple's product pipeline functions, or the products being made within it. Attackers may also simply try to infect systems with malware in a bid to secure a hefty ransom from a sensitive production line.

In 2018, chip partner TSMC saw its factories taken offline, after a virus caused enough damage to production lines working on Apple chips. At the time, TSMC CFO Lora Ho explained that, while TSMC has been attacked with viruses before, this was the first incident that attacked production lines themselves.

A far earlier attack in 2012 saw a "greyhat" hacking group successfully attack Foxconn and release the usernames and passwords of vendors connected to it. The released details could've permitted a social engineer to place fraudulent orders.

Over time, Apple has worked to harden its operational security, with demands of its suppliers to comply with considerable levels of security and secrecy to form part of the lucrative Apple supply chain.