back to article Equinix warns it's infected with ransomware, promises it can carry on regardless

Equinix has warned customers it has been infected with ransomware. A brief “Equinix Statement on Security Incident” issued late on Wednesday night US time said the company was “currently investigating a security incident we detected that involves ransomware on some of our internal systems.” Just which systems were infected …

  1. Pascal Monett Silver badge
    Thumb Up

    Well at least it hasn't spread all over the place

    As stated in the article, Equinix may have been bitten by social engineering or hacked, but at least the crises was contained to the non-operational side of the business. That does tend to signal that Equinix, unlike many, has planned and put in place proper security procedures, and that planning, at least, has paid off.

    In this case, I doubt that we will see much as far as apologies are concerned. Customer data and operations are not impacted, so Equinix does not need to go promising that "the security of our customers is our greatest concern" - they've just proven that it is (contrary to practically every company that has tried to bullshit us with that line since, well, ever).

    I do hope we'll get a report on what happened. I'll be interested in learning just how a company that has things so well-planned still managed to get caught out.

    1. DeanT

      Re: Well at least it hasn't spread all over the place

      The report would be an interesting read. Would be surprised to see if the cause was anything other than an employee clicking on a link in an email for a free tech thingie/vacation abroad

    2. Anonymous Coward
      Anonymous Coward

      Questions?

      Q: How?

      A: In the same myriad of ways any intruder gains access to run their code on your network. Might have smashed in the front door of an internet facing server. Might have found an unpatched VPN server or one without 2FA. Might have sent various types of phishing emails. Or a combination of all of those things.

      Q: But this would never happen on my network, could it?

      A: Yes it could.

      What is currently happening is that the money to be made from ransomware is now big enough to warrant intruding wherever you can get in now. Doesn't matter if that is a small biscuit maker or a defence contractor. That thing where you could hide because nobody cared about YOU, not quite the same any more. Got a weakness and have a cheque book is the only two things important in target selection.

      Most people were only never hacked because nobody gave a fig about you, this current trend is entirely different.

      1. Was-a-tech-now-a-manager

        Re: Questions?

        Hmm, hasn't this always been the case? Very few penetration attempts are targeted. Don't matter what your company size is, it's how much low hanging fruit you have at your attack surface

        1. Anonymous Coward
          Anonymous Coward

          Re: Questions?

          Actually it is different.

          It's the same brew of stuff normally associated with nation state apt, but without the targeting of a particular group of targets.

          It's certainly not your old fashioned targeting of random people with emails or Web page exploits. These are full on network intrusions and code being run on as many machines as they can, dropped by hand or scripts.

          I've worked a few of these, it's nothing like old skool locky etc

          On top, they usually exfil some data and threaten to release it if you don't pay up... Double threat.

  2. john.jones.name
    Stop

    customer details ?

    Have customer details such as people who are authorised to have access been compromised ?

    (i.e. my details )

    I have a sneaky suspension they have and the longer they deny it the more customers that will swear never again...

    Reputations are everything and this is not the time to fudge or use a play book for a security investigation.

  3. HildyJ Silver badge
    Facepalm

    Standard script

    You forgot to add "We have not detected any customer data that has been compromised."

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020