Throughout a brief statement, Olympus stated that “currently investigating a potential cybersecurity incident” and is affecting the computer network in Europe, the Middle East and Africa.
“Upon detection of suspicious activity, we immediately mobilized a specialized response team including forensics experts, and we are currently working with the highest priority to resolve this issue. As part of the investigation, we have suspended data transfers in the affected systems and have informed the relevant external partners,” the statement said.
However, Olympus recovers from a ransomware attack that began in the early hours of September 8, according to a person with knowledge of that situation. The guy revealed information about the incident on Saturday before Olympus.
A ransom note from the ransomware outfit BlackMatter has been laid behind on compromised PCs. “The encryption of your network is not working at this time,” states it. “We’ll offer you with decryption programs if you pay.” The ransom note also contained a website URL that is only available via the Tor Browser that BlackMatter is known to utilize in communications with its victims.
Brett Callow, an expert in ransomware and an analyst of threats at Emsisoft, informed TechCrunch that the BlackMatter organization is involved in the ransom note.
BlackMater is a Ransomware-as-a-Services group which was founded to succeed several ransomware groups, including DarkSide, which recently re-started the criminal globe after a high-profile Colonial Pipeline ransomware attack and REvil, which silenced hundreds of firms with ransomware months after the Kaseya attack.
The U.S. Government, which threatened to respond if important facilities were again targeted, captured both incidents. Only REvil has emerged, but no further victims have yet been claimed.
Groups like BlackMatter rent an infrastructure for their affiliates to launch attacks, while BlackMatter pays for any ransom. In addition, Emsisoft uncovered technical ties between Darkside and BlackMatter and their code overlaps.
Emsisoft has registration since its formation in June for more than 40 BlackMatter-assigned ransomware assaults, however a considerable increase will certainly occur in the number of victims.
Ransomware groups like as BlackMatter often grab data from the network of a firm before it is encrypted and threaten later to disclose online files if the ransom for decrypting files is not paid.
There was no listing for Olympus at the time of its publishing on another website affiliated with BlackMatter, which the group uses for the promotion of its victims and provides stolen data.
Japan-headquartered In the fields of medical and life sciences, Olympus manufactures optical and digital reprography technologies.
The company has previously developed digital and other electronic cameras before its fighting camera segment was sold in January.
Olympus said it was “currently working to determine the extent of the issue and will continue to provide updates as new information becomes available.”
Olympus spokesman Christian Pott said that customer service has not been harmed.
