Home Technology Cybersecurity Canon suffers ransomware attack, hackers threaten data dump if not paid Canon’s email, Microsoft Teams, US website, and other internal applications are affected by David Ndichu August 6, 2020 Canon has suffered a major ransomware attack, two weeks after Garmin’s services were shut down by a similar attack. Online tech news site BleepingComputer reports that 10TB of company data has also been stolen, with the camera maker suffering widespread system outages. Canon’s email, Microsoft Teams, US website, and other internal applications are affected, the report says. The company’s US website currently says the site is “down for maintenance” although its global and Japanese websites seem unaffected. A partial screenshot obtained by BleepingComputer shows the alleged ransom note sent to Canon, identifying ‘Maze’ as the ransomware used in the attack. Unlike other ransomware, such as WastedLocker that targeted Garmin, Maze not only holds IT systems hostage, it also exfiltrates data to gain more leverage over victims. The hacking group behind the Maze attack told BleepingComputer they stole “10 terabytes of data, private databases, etc” from Canon. The data could end up online if Canon refuses to pay the ransom. Read: Garmin restores some services, a week after a ransomware attack John Shier, senior security advisor at cybersecurity firm Sophos described the ransomware attack on Canon as another example of Maze gang’s sustained and brazen targeting of enterprises. “Following other recent high-profile attacks, this latest salvo should be a wake-up call to all the enterprises who haven’t taken the time to assess their security posture and bolster their defences against these pernicious adversaries,” he said. Many ransomware attacks start by exploiting external services or simple phishing campaigns. “The successful campaigns will often be followed by living-off-the-land techniques, abusing over-privileged and under-protected accounts, and hiding in plain sight,” Shier warned. Shier calls upon enterprises to ensure they’ve built a strong security foundation that includes the principle of least privilege, multi-factor authentication (MFA) everywhere, patching and user training, among other measures. “[These measures must include] investment in both prevention and detection technologies today if they don’t want to be a victim tomorrow,” he concluded. Why businesses within the Middle East need to guard against a “new normal” wave of cyberattacks Tags Canon cybersecurity encryption Hackers Maze Ransomware 0 Comments You might also like Hackers are targetting UAE, Saudi businesses’ cloud services — survey Cover story: How regtech tools can help UAE-based entities enhance compliance and security Interview: Positive Technologies maps cybersecurity trends in MENA Illumio’s Trevor Dearing explains the critical need for a Zero Trust Approach in times of AI