The Information technology consultant and digital services provider company, Cognizant has been struck by Maze ransomware attack. It infected the systems and caused service disruptions to the clients.
With the strength of 300,000 employees, the company was hit by the ‘Maze’ ransomware group. It is engaging law enforcement authorities in the ransomware attack case that was reported recently.
The hackers have made the declaration in the previous months for publically holding its victims hostage and threatening to leak the company’s information if the company refuses to pay its ransom.
“The massive shift to work from home is only exacerbating the third party risk management challenge. Companies struggle to manage risk from their remote workforce. Now, each one of their business partners and vendors has their own remote workforce. The attack surface has just exploded overnight. It’s one of the fundamental security challenges in the 21st century. Your company may be buttoned up, but your business partners, vendors and service providers may be at risk,” said Jake Olcott, Vice President at BitSight.
Cognizant’s recent press release states, “Our internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident.”
It continues,
“Cognizant has also engaged with the appropriate law enforcement authorities. We are in ongoing communication with our clients and have provided them with Indicators of Compromise (IOCs) and other technical information of a defensive nature.”
Explaining the meaning of Maze ransomware, Javvad Malik, a security awareness advocate at KnowBe4, said, “The Maze ransomware is part of a new wave of particularly devious strains of ransomware which steals data before encrypting it and threatens to release this stolen data if the victim organization does not pay. Therefore, even if an organization has backups from which they can restore data and continue operations, it would not be enough to mitigate all the threats.” He also added, “A layered defense is therefore essential so that organizations make it difficult for criminals to install ransomware, and if they do, detect exfiltration and encryption of data.”
In January, CyberScoop reported a Federal Bureau of Investigation (FBI) advisory that issued an alert to the US companies about this tactic of threatening companies to disclose valuable data and information.