Sopra Steria, the France based Information Technology company was hit by a ransomware attack forcing it to pull down all its servers offline. Sources say that the attack was discovered last weekend and as per the preliminary inquiry conducted thereafter, the malware could have entered the database on Tuesday last week.
Ryuk Ransomware is the malware that hit the database of Sopra Steria and information is out that the hackers managed to steal a portion of data and then managed to lock up the database.
An in-depth investigation has been launched and law enforcement has been informed about the incident.
Prima Facie has confirmed that no customer data was compromised in the incident and the data continuity plan was working efficiently.
RYUK is a kind of file-encrypting malware that has targets its victims by first stealing a portion of data and then encrypting the database until a ransom is paid. It has so far hit a US defense contractor EWA and Spanish Logistics firm name Prosegur this year.
Note- FBI has issued a press statement in November last year urging victims not to pay any ransom to those spreading the file-encrypting malware. As it does not guaranty a return of the decryption key. In another media update released in Feb’2020, the US-based law enforcement agency re-crafted its statement saying that the victims can pay a ransom if they are left with no other choice. For instance, they do not have any cyber-attack remediation plan in place or any kind of data backup.