FUJIFILM Had Shut Down Its Network After a Suspected Ransomware Attack
The Company Is Investigating a Ransomware Attack and Decided to Shut Down Parts of Its Network in Order to Prevent the Attack’s Spread.
FUJIFILM, the Japanese multinational conglomerate with the headquarter in Tokyo, Japan, has grown to include pharmaceuticals, storage devices, photocopiers and printers (XEROX), as well as digital cameras, thus earning $20.1 billion in 2020 and having 37,151 employees worldwide.
FUJIFILM disclosed that their Tokyo headquarters have suffered a cyberattack on Tuesday night that looks like a ransomware attack.
FUJIFILM Corporation is currently carrying out an investigation into possible unauthorized access to its server from outside of the company. As part of this investigation, the network is partially shut down and disconnected from external correspondence.
We want to state what we understand as of now and the measures that the company has taken. In the late evening of June 1, 2021, we became aware of the possibility of a ransomware attack. As a result, we have taken measures to suspend all affected systems in coordination with our various global entities.
We are currently working to determine the extent and the scale of the issue. We sincerely apologize to our customers and business partners for the inconvenience this has caused.
Ransomware is a type of malware (malicious software) that encrypts all the data on a PC or mobile device, blocking the data owner’s access to it. After the infection happens, the victim receives a message that tells him/her that a certain amount of money must be paid (usually in Bitcoins) in order to get the decryption key. Usually, there is also a time limit for the ransom to be paid. There is no guarantee that the if the victim pays the ransom, he/she will get the decryption key. The most reliable solution is to back up your data in at least 3 different places (for redundancy) and keep those backups up to date, so you don’t lose important progress.
The attack caused a partial network outage; therefore, FUJIFILM USA added an alert to the top of their website stating that they are experiencing network problems that are impacting their email and phone systems.
FUJIFILM did not state what ransomware group is responsible for the attack, but Vitali Kremez, CEO of Intel told BleepingComputer that FUJIFILM was infected with the Qbot trojan last month, whilst also stating that the Qbot malware group is apparently working with the REvil ransomware group.
The Qbot trojan operators have a long history of working with ransomware operations in order to provide remote access to compromised networks, as in the past they’ve partnered with ProLock and Egregor ransomware gangs but after the shutdown of those operations, the REvil ransomware operation has been utilizing the botnet.
Heimdal™ Ransomware Encryption Protection
- Blocks any unauthorized encryption attempts;
- Detects ransomware regardless of signature;
- Universal compatibility with any cybersecurity solution;
- Full audit trail with stunning graphics;