Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security

Fujifilm Becomes the Latest Victim of a Network-Crippling Ransomware Attack (techcrunch.com) 39

Japanese multinational conglomerate Fujifilm has been forced to shut down parts of its global network after falling victim to a suspected ransomware attack. From a report: The company, which is best known for its digital imaging products but also produces high-tech medical kit, including devices for rapid processing of COVID-19 tests, confirmed that its Tokyo headquarters was hit by a cyberattack on Tuesday evening. "Fujifilm Corporation is currently carrying out an investigation into possible unauthorized access to its server from outside of the company. As part of this investigation, the network is partially shut down and disconnected from external correspondence," the company said in a statement posted to its website. "We want to state what we understand as of now and the measures that the company has taken. In the late evening of June 1, 2021, we became aware of the possibility of a ransomware attack. As a result, we have taken measures to suspend all affected systems in coordination with our various global entities," it said.
This discussion has been archived. No new comments can be posted.

Fujifilm Becomes the Latest Victim of a Network-Crippling Ransomware Attack

Comments Filter:
  • Time to stop tiptoe-ing around these asshats and their enablers.

    • by The New Guy 2.0 ( 3497907 ) on Thursday June 03, 2021 @12:29PM (#61451154)

      Really, this is enabled by crypto's anonymity letting them launder ill-gotten gains. About time somebody hacked down Bitcoin.

      • And how do you do that, exactly? Tell every country, including Russia, to ban exchanges? Yeah right.

        Even easier would be to make it illegal to pay the ransom by applying criminal sanctions (up to and including jail time) against anybody involved in paying the ransom.

        • And how do you do that, exactly? Tell every country, including Russia, to ban exchanges? Yeah right..

          The easy way is to take the wind out of crypto. In the US and most other countries financial firms have to obey KYC. Just declare bitcoin isn't compliant with that in any form and any transaction using those technologies can be forfeited with the financial services company on the hook. That would more or less kill it.

          • Bitcoin exchanges don't have to be compliant with that. Besides, some of the bigger banks out there, like HSBC, basically ignore that. The US keeps hitting them with big fines, then they promise they'll be better next time, only to do it yet again.

  • by CaptainDork ( 3678879 ) on Thursday June 03, 2021 @12:00PM (#61451046)

    ... and become cyber-secure when you mature.

  • by oldgraybeard ( 2939809 ) on Thursday June 03, 2021 @12:02PM (#61451052)
    maybe someday, these corps will secure their network resources properly.
    • Re: (Score:3, Funny)

      I figured out a better solution: Just send wave after wave of cash at the ransomers until they are all living on private islands, buried under too many super models to reach their keyboards.

  • Cuz you know, the attacks never come from anywhere else...

  • Think of the children!
  • Uh, why isn't there an antimalware solution to this?

    • by guruevi ( 827432 )

      There is, people just choose not to implement it.

      • What is it?

        • Backups, bro. Backups.
          • by PPH ( 736903 )

            What good do backups do if the malware is slipped into your system and then lays dormant for weeks? Or months? Restore to some point before the intrusion, but that might only recover tainted documents. All will look well until they start chewing through your servers again.

            • Tainted documents? Do you mean encrypted documents?

              If it took months to encrypt all the documents on your network, it would be detected and stopped. It may spread or lie dormant for months but the actual taint usually occurs quickly. Often overnight or on a weekend.
              • by PPH ( 736903 )

                No. I mean tainted documents. Or whatever is attached to the incoming e-mail (or whatever). The attacker sends an executable attached to some e-mail. It installs itself in various systems but then sits there and does nothing. Maybe for weeks or months. Then it wakes up, encrypts your stuff and you get hit up for payment. So you say, "No problem. We'll just restore from a backup." But the contaminated content with the executable may have been in your system through several backup cycles. And if you revert to

            • Well, I'm sorry I have to spell it out for you, but "what good" they do is when you restore the files from before the ransomware attack. If your admin was smart and following a simple structured backup plan, then you'd have backups with different frequency & retention levels and you'd go back far enough that you could find the unadulterated copies of the files you wanted. Derp.
        • Pretty much anything modern should be able to detect malware that starts encrypting the drive. You need the solution not just at the endpoints but also in the network and at the edge so it can detect anomalies and shut down parts of your network. These solutions can also âoedetonateâ any unrecognized piece of software in a VM and within seconds they know what it can do.

          All the big names have some solution for the enterprise, they all implement some countermeasures.

          Additionally you need backups and

    • When WannaCry went through the first time, it was asserted no sites running Avast fell victim.
    • Zero day hacks.
      And look up how anitmalware identifies malware.
      If someone rebuilds the payload (with tweaks) just for you then no antimalware is going to stop it.
  • That's an honest question. Is it trojans - malicious E-Mail attachments that unsuspecting internal users open? Insecure external access to internal networks? Hacked private clients? Bad security policies? ... Is it really dimwit security neglected by corporate deciders ignoring the experts or is this l33+ h4XXors finding new ways to breach hithero unknown holes? Does anyone have any details on one of these recent ransomware events and can perhaps offer some insight?

    I don't run a corporate network but I know

    • It's an initial failure, followed by an abuse of chains of trust. Malicious document gets downloaded, and then Windows trusts that Word is allowed to interact with the Scheduled Tasks API, which is trusted to launch PowerShell, which is trusted to download further content from the Internet, which is trusted to extract saved credentials, which are trusted by other computers on the network, and so on.

      Once enough administrative control is established on the network, any active security services are crippled
  • About 99% of these could be prevented by not using MS Windows, where the overwhelming majority of attacks are targetted, and second by having backups of the encrypted data being ransomed. If you have no backups, you are a fucking moron. That is most certainly NOT an IT "best-practice". It's hard to feel sorry for a bunch of Windows weasels who can't be bothered to do backups.
    • About 99% of these could be prevented by not using MS Windows, where the overwhelming majority of attacks are targetted

      True, but only initially. If everyone switched to Linux then all the attacks would target Linux, and we would see the same penetration as we do in Windoze.
      At least with Windoze there is only a few versions of the operating system to update, if it was Linux it would be untold versions of the operating system spread across how many devices and microwaves and calculators. In an odd way we

      • by Luthair ( 847766 )
        There is a perfectly reasonable one for the IT staff - they may not have been given the time & resources to perform these tasks.
        • I feel it. I've been in that position myself. However, the business/operations cannot blame IT if they aren't given the resources. Someone, somewhere *did* make that call, and it's on them 100%.

We are each entitled to our own opinion, but no one is entitled to his own facts. -- Patrick Moynihan

Working...