FujiFilm is investigating a ransomware assault and has shut down parts of its community to forestall the assault’s unfold.
FujiFilm, often known as simply Fuji, is a Japanese multinational conglomerate headquartered in Tokyo, Japan, which initially began in optical movie and cameras. It has grown to incorporate prescribed drugs, storage units, photocopiers and printers (XEROX), and digital cameras.
FUJIFILM earned $20.1 billion in 2020 and has 37,151 staff worldwide.
Seemingly ransomware assault
As we speak, FUJIFILM introduced that their Tokyo headquarters suffered a cyberattack Tuesday evening that they point out is a ransomware assault.
“FUJIFILM Company is at present finishing up an investigation into potential unauthorized entry to its server from exterior of the corporate. As a part of this investigation, the community is partially shut down and disconnected from exterior correspondence,” FUJIFILM mentioned in a press release.
“We wish to state what we perceive as of now and the measures that the corporate has taken. Within the late night of June 1, 2021, we turned conscious of the opportunity of a ransomware assault. In consequence, we have now taken measures to droop all affected programs in coordination with our numerous international entities.”
“We’re at present working to find out the extent and the size of the difficulty. We sincerely apologize to our prospects and enterprise companions for the inconvenience this has prompted.”
As a result of partial community outage, FUJIFILM USA has added an alert to the highest of their web site stating that they’re experiencing community issues which are impacting their e-mail and telephone programs.
Whereas FUJIFILM has not said what ransomware group is chargeable for the assault, Superior Intel CEO Vitali Kremez has instructed BleepingComputer that FUJIFILM was contaminated with the Qbot trojan final month.
“Primarily based on our distinctive menace prevention platform Andariel, FUJIFILM Company seemed to be contaminated with Qbot malware based mostly on Might 15, 2021,” Kremez instructed BleepingComputer. “For the reason that underground ransomware turmoil, the Qbot malware group at present works with the REvil ransomware group.”
“A community an infection attributed to QBot robotically leads to dangers related to future ransomware assaults.”
The operators of the Qbot trojan have an extended historical past of working with ransomware operations to offer distant entry to compromised networks.
Whereas ransomware has been energetic since 2012, it has not too long ago gained worldwide consideration after the attacks on Colonial Pipeline, the US’s largest gas pipeline, and the world’s largest beef producer, JBS.
The US authorities has created a ransomware task force to advocate new insurance policies and pointers for battling the rising menace.