Cognizant hit by 'Maze' ransomware attack, says clients facing disruption

A ransomware typically logs users out of their own systems through forced encryption of data and asks them to pay a ransom if they want to access the encrypted data. Photo: Shutterstock
IT services major Cognizant said it has become a victim of the 'Maze' ransomware attack that has caused disruptions to some of its clients.

The company, which has about 200,000 employees based in India, said it is in ongoing communication with clients and has provided them with indicators of compromise (IOCs) and other technical information of a defensive nature.

"Cognizant can confirm that a security incident involving our internal systems, and causing service disruptions for some of our clients, is the result of a Maze ransomware attack," Cognizant said in a statement.

It added that its internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident.

A ransomware typically logs users out of their own systems through forced encryption of data and asks them to pay a ransom if they want to access the encrypted data.

"Cognizant has also engaged with the appropriate law enforcement authorities," the statement noted.

The incident comes at a time when businesses have been disrupted by coronavirus pandemic that has forced companies to turn to initiatives like work from home to ensure business continuity.

This has also led to concerns around security of data.

"Based on present information, we don't believe the reaction to the COVID-19 pandemic or Cognizant's efforts to enable associates to work from home facilitated this incident," a Cognizant spokesperson said.

Corporate users at most hacking risk form banking malware attacks

Banking Trojans or 'bankers are one of the most widespread tools for cybercriminals as they focus on stealing money and in 2019, a third of such malware attacks targeted corporate users, a new report has revealed.

In 2019, 773,943 users of Kaspersky solutions were attacked by banking trojans.

Of those users, a third (35.1 per cent) were in the corporate sector -- an increase from the 24-25 per cent figure that has remained fairly consistent for the previous three years.

'Bankers' malware usually search for users' credentials for e-payment and online banking systems, hijacking one-time passwords, and then passing that data to the attackers.

According to experts, the rationale is clear: attacks on the B2B sector could not only provide access to banking or payment system accounts, but, through employee exposure, could also compromise a company's financial resources.

"While the overall number of attacks with bankers decreased in 2019, the growing interest for corporate users' credentials indicates we are not yet seeing respite from financial threats," said Oleg Kupreev, security expert at Kaspersky.

"While we are in the current peak of remote working during the coronavirus pandemic, it is especially important to not underestimate criminals' desire for stealing money," he added.

In 2019, the share of financial phishing increased from 44.7 per cent of all phishing detections to 51.4 per cent.

Almost every third attempt to visit a phishing page blocked by Kaspersky products was related to banking phishing (27 per cent).

The share of phishing-related attacks on payment systems and online stores accounted for almost 17 per cent and over 7.5 per cent, respectively in 2019. This is more or less the same as 2018 levels.



Business Standard is now on Telegram.
For insightful reports and views on business, markets, politics and other issues, subscribe to our official Telegram channel