back to article French IT outsourcer Sopra Steria hit by 'cyberattack', Ryuk ransomware suspected

French-headquartered IT outsourcer Sopra Steria has been struck by a “cyberattack,” reportedly linked to the Ryuk ransomware gang. The business declined to say what had happened, though French media reports indicated (en francais) that Sopra Steria’s Active Directory infrastructure had been compromised, seemingly by hackers …

  1. Anonymous Coward
    Anonymous Coward

    "phishing attacks [..] tend to be very difficult for non-specialists to spot"

    Yeah but, isn't Sopra Steria positioning itself as a specialist ?

    That said, I can't really say I'm surprised. A few years ago I was in the position of receiving admin details for a contract that my company was taking over from them. The meeting was quite cordial, and the person in charge of handing over the details was quite agreeable, asking me for a USB key and writing an Excel file onto it.

    When I got back to the office to analyze the file, what did I notice ? The Excel table was filtered. And what did I find when I removed the filter ? The entire database for all the clients with login, passwords, IP addresses and server names.

    I'm sorry, but if you employ people with that level of understanding of Excel, how can you hope to have actual professionals taking care of business ?

    Anon because obviously.

    1. Anonymous Coward
      Anonymous Coward

      Re: "phishing attacks [..] tend to be very difficult for non-specialists to spot"

      And you took the USB back and plugged it into your network? And kept your position?

      1. Anonymous Coward
        Anonymous Coward

        Re: "phishing attacks [..] tend to be very difficult for non-specialists to spot"

        No, but then he moved to NHS to work on the COVID tracing...

      2. pc-fluesterer.info

        Re: "phishing attacks [..] tend to be very difficult for non-specialists to spot"

        why not? Linux is immune against Conficker/Downadup and the like. ;-)

        And even Windows CAN be hardened against USB attacks.

        Well, yes, you have to do the hardening and actually do it before ...

    2. Strahd Ivarius Bronze badge
      Facepalm

      Re: "phishing attacks [..] tend to be very difficult for non-specialists to spot"

      I had the same kind of issue with BT Global Services once, when they sent us a quotation for a new WAN link as an Excel file instead of the usual PDF one.

      So we got all the formulas for calculating the final price...

      Very handy for getting a rebate afterwards ;-)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021