They are never going to financially recover from this
Bad news: Cognizant hit by ransomware gang. Worse: It's Maze, which leaks victims' data online after non-payment
New Jersey IT services provider Cognizant has confirmed it is the latest victim of the Maze ransomware. The infection was disclosed to the public this weekend. Cognizant said the malware outbreak will likely disrupt service for some of its customers, and possibly put them in danger as well. Maze is unusual among ransomware …
COMMENTS
-
Tuesday 21st April 2020 10:31 GMT Lotaresco
Significant failures
As usual when an organization reports a successful malware attack, there are significant gaps and elements of whitewash in the announcements. Two areas that interest me are the vector for the attack - it looks like it may have been spear phishing, the usual vector for ransomware - and the apparent weakness of any security controls.
For the first part it appears that Cognizant permits users with administrator access to access the internet/corporate mail from privileged accounts. Oops.
For the second it appears there are no controls to prevent lateral movement, no SOC, no alerting when there's unusual activity such as large volumes of data being transmitted, no IPS, no IDS, no AV on the wire... (etc).
I'm guessing that they are already working on the standard letter that says that they have the best security in the world but were unable to defend customer accounts because of the extremely sophisticated attack.
-
Tuesday 21st April 2020 11:18 GMT Doctor Syntax
Re: Significant failures
"I'm guessing that they are already working on the standard letter that says that they have the best security in the world but were unable to defend customer accounts because of the extremely sophisticated attack."
They had it written and ready but it got encrypted.
-
Wednesday 22nd April 2020 14:22 GMT Anonymous Coward
Security? I doubt they’ve heard of that
Back when I worked for them we weren’t supplied with a corporate laptop or PC, so everyone had to use their own kit. The web apps for everything were truly dire and needed ancient versions of IE to work. It got to the point where I had a really old crappy laptop just to use for timesheets and admin crap; I didn’t want my own laptop anywhere near their network.