Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Finnish IT giant TietoEVRY discloses ransomware attack
#1
Finnish IT services giant TietoEVRY has suffered a ransomware attack that forced them to disconnect clients' services.

TietoEVRY is a Finnish software development and IT services company that employs 24,000 people throughout 80 countries. The company earned €2.95 billion in revenue for 2019.

On Monday, TietoEVRY experienced technical issues for 25 customers in the retail, manufacturing, and service-related industries, which was later learned to be caused by a ransomware attack.

After learning of the attack, TietoEVRY disconnected the affected infrastructure and services to prevent the ransomware's further spread.

"Due to the ransomware the affected infrastructure and services were disconnected. Together with the affected customers and our partners, we are working to enable recovery of the operations soonest."

"All affected customers have been informed and regular updates are being shared with them on the progress," TietoEVRY disclosed in a press statement.

TietoEVRY says they reported the attack to local authorities, the Norwegian National Security Authority (NSM), and NorCert, who are assisting in the investigation.

"TietoEVRY takes the situation extremely seriously and does upmost to solve it and recover the impacted services soonest possible. We have activated an extended team with the necessary capacity and competence and are working hard to solve the situation", says Christian Pedersen, Managing Partner in TietoEVRY Norway.

IT services companies are prime targets
IT services companies that provide MSP and MSSP service offerings are a prime target for ransomware gangs due to how these companies operate.

To properly service their clients, MSPs and MSSPs manage their clients through remote connections and software that can quickly push out new updates and fixes as needed.

By targeting MSP/MSSPs, ransomware gangs can use the company's remote access software and support applications to spread the ransomware to their clients.

This allows a single attack to create multiple victims to further extort the payment of a ransom.While attacks against IT services companies don't always affect clients, as we saw with Tyler Technologies and Cognizant, there have been successful REvil and GandCrab ransomware MSP attacks that also encrypted managed customers.


Source
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Nissan reveals ransomware attack exposed 53,000 workers' social security numbers mrtrout 0 427 05-20-2024 , 02:22 AM
Last Post: mrtrout
  Kaspersky discloses iPhone hardware feature vital in Operation Triangulation case mrtrout 0 985 12-31-2023 , 08:38 AM
Last Post: mrtrout
  Norton Parent Says Employee Data Stolen in MOVEit Ransomware Attack mrtrout 0 7,941 06-20-2023 , 09:05 PM
Last Post: mrtrout
  Digital security giant Entrust breached by ransomware gang mrtrout 0 899 07-23-2022 , 12:02 AM
Last Post: mrtrout
  Maastricht University gets partial ransom back after ransomware attack in 2019 mrtrout 0 745 07-03-2022 , 09:56 PM
Last Post: mrtrout



Users browsing this thread: 1 Guest(s)