Ransomware Gang Steals 10TB of Pics and Data From Canon

Published at: Aug. 6, 2020

Multinational corporation Canon reportedly fell victim to a ransomware attack launched by Maze group against its email and storage services and its United States website on July 30. Maze has threatened to leak the pics and data if a crypto ransom is not paid.

The image.canon site was out for six days, during which it showed updates. It went back into service on Aug. 4. Canon put out a statement that day about the attack, saying there had been no leak of image data, nor thumbnails of the photos stored in its cloud service.

However, the severity of the attack was confirmed on Aug. 5 by BleepingComputer, which said the ransomware gang claimed it had managed to steal almost 10 TB of photos, files and other data. The publication reported a notification sent by Canon’s IT department through their company-wide network that confirmed “widespread system issues” had affected multiple applications.

Unusually, Maze said its attack had not caused the six-day outage.

A-Maze-ing attack

Speaking with Cointelegraph, Brett Callow, threat analyst at malware lab Emsisoft, confirmed that the well-known Maze ransomware gang is behind the cyberattacks against the Japanese multinational:

“Whether that includes customers’ photos and videos that were stored in Canon’s long-term storage is impossible to say. Canon does state that some photos and videos were lost, so it seems likely that Maze did have access to that area of the network.”

Callow added that ransomware is used to affect mainly smaller businesses, but larger enterprises are now falling victim with increasing frequency.

Emsisoft’s experts believe that the chance of data being stolen in a particular ransomware attack is now greater than one in 10, quoting a recent study published by the malware lab.

Recently, a U.S.-based independent advisory firm specializing in the consumer and retail sectors was a victim of Maze. They have a number of big clients including former Spice Girl Victoria Beckham.

Tags
Related Posts
Major Chilean bank shuts down all branches following ransomware attack
Banco Estado, the only public bank in Chile and one of the three largest in the country, had to shut down its nationwide operations on Monday due to a cyberattack that turned out to be a ransomware launched by REvil. According to a public statement, the branches will remain closed for at least one day, but clarified that customers’ funds have not been affected by the incident. Citing sources close to the investigation, ZDNet reported that the REvil ransomware gang is behind the attack. It reportedly originated from an Office document infected with the malware that an employee received and …
Technology / Sept. 8, 2020
California University Pays Million-Dollar Crypto Ransom
The University of California at San Francisco School of Medicine reportedly paid a $1.14 million ransom in cryptocurrencies to the hackers behind a ransomware attack on June 1. According to CBS San Francisco, the UCSF IT staff first detected the security incident, stating that the attack launched by NetWalker group affected “a limited number of servers in the School of Medicine.” Although the areas were isolated by experts from the internal network, the hackers left the servers inaccessible and managed to deploy the ransomware successfully. A statement published by the University of California said: “The data that was encrypted is …
Technology / June 30, 2020
Robotics Company Falls Prey to Ransomware Attack
Ransomware gang REvil, known for launching stolen data auctions on the dark web, is now leaking sensitive documents stolen from a US-based robotics company. According to an official blog post from REvil on June 11, the team has started leaking confidential data belonging to Symbotic LLC. The post noted: “You do not want to speak with us and you probably think that we will not publish your data. We are already publishing.” The cybercriminal group stated that they’d created a website and paid for the hosting for a year. They threatened to make the robotics company’s data visible for “a …
Technology / June 12, 2020
Report: Ransom Costs for Stolen Data Rose 200% From 2018 to 2019
On average, the ransom demanded by cryptocurrency ransomware hackers increased by 200% from 2018 to 2019. According to a report published on June 5 by cybersecurity firm Crypsis Group, the average ransom demanded by cryptocurrency ransomware groups in 2019 reached $115,123. The median ransom, on the other hand, increased by 300% from 2018’s first quarter to the last quarter to 2019, reaching over $21,700. According to Crypsis Group, ransoms have grown as hackers increasingly target enterprises and select victims who are able to pay higher sums. Just yesterday, Cointelegraph reported that ST Engineering Aerospace’s United States subsidiary fell victim to …
Technology / June 8, 2020
Aviation Database Struck By Unknown Ransomware Gang
Smartwatch maker and data-syncing service provider, Garmin, was the subject of a ransomware attack that took down several of its services on July 23, which managed to encrypt its internal network. According to a series of tweets published by the company, the Garmin Connect website and mobile app were affected by the hackers, plus the call centers and every customer support resources like replying emails, online chats, and handling calls. However, the nature of the attack was unveiled by ZDNet, who also stated that the cybercriminals also targeted flyGarmin, the company’s service that supports its line of aviation navigational equipment. …
Technology / July 25, 2020