Japanese camera maker Canon joins the list of high-profile corporations to fall victim to a ransomware attack. The attack saw the company’s online systems, including its U.S. website, email and other internal systems taken down a large outage. Data indicates that cybersecurity breaches that are followed by a ransom demand from the hackers responsible have tripled in the past year.
A piece of malicious software called Maze is believed to have been used in the attack. If that is the case, the attack may have involved the theft of large volumes of personal data as well as simply disabling digital systems and applications. Because of the negative PR implications, the theft of personal data, especially that of customers, is a favoured tactic employed by increasingly brazen cyber-criminals seeking ransom payments.
The ransom note subsequently sent to Canon was reportedly seen by technology website Bleeping Computer, which reported it as reading:
“We hacked your network and now all your files, documents, photos and databases and other important data are safely encrypted with reliable algorithms.”
Ransomware attacks work by infecting one computer linked to a company’s systems with a virus. From its original host, the virus then infiltrates any connected systems it can make it way into, encrypting any files it finds. That encryption can only then be unwound by a key in the possession of the hacker. A ransom is usually demanded in exchange for the key, alongside the threat that stolen copies of the files will also be leaked if the victim fails to comply.
David Castaneda of London-based cybersecurity start-up CybeX comments:
“Canon has become the unwanted latest addition to what is becoming a long list of high-profile attacks against brands effectively being held hostage by the Maze cybercriminal group”.
“It’s yet to be confirmed by Canon, but it looks like this attack is part of the now common trend of a ‘double extortion ransomware attack’, which sees cybercriminals both encrypt and ransom data accessed and also threaten to leak it.”
Canon UK & Ireland’s spokesperson declined to comment on reports of the hack other than stating:
“We are aware that Canon USA are experiencing system issues. An investigation is taking place.”
Cybercriminals have been targeting ‘big game’ recently, presumably in the belief that larger companies with a higher profile will be willing to pay bigger sums to get their data back and prevent the leak of customers’ personal data. U.S. smartwatch maker Garmin is another recent victim, as is Travelex, the foreign exchange company. Unofficial reports believe they paid respective ransoms of over $10 million and $2.3 million.
Ransom demands are increasing, with cybersecurity company Coveware recently publishing data that shows the average ransom paid to hackers has increased to £135,000 this year from just £27,000 a year ago. Richer pickings are having the knock-on effect of encouraging an increase in attacks.
Ransomware attacks are also becoming more targeted and sophisticated compared to earlier opportunistic attacks that were more modest in their demands, regardless of the size of company. Now it appears that hackers are studying their potential victims and customising demands according to perceived wealth and extent to which they would wish to avoid a data leak.
British companies paid out a reported £210 million to ransomware hackers last year, prompting a cross-party group of MPs to demand tougher laws against paying out ransoms. Companies are increasingly paying out ransoms as a direct result of more hackers following through on their threats to release data. Coveware reports that between April and June, 30% of ransomware attacks included the threat to leak data. In 22% of cases this was actually done, compared to in just 8.7% of cases over the previous 3 months. Tougher laws would be expected to harden the resolve of companies to not pay ransoms, reducing incentives for cybercriminals.
Comments (0)
Average Rating: No ratings yet/5 (0 reviews)
No comments yet. Be the first to comment!