Search This Blog

Powered by Blogger.

Blog Archive

Labels

Inetum hit by Ransomware Attack

A crisis team was formed to coordinate necessary plans and to investigate the occurrence.

 

With everybody celebrating their Christmas break, Inetum Group, a French IT services company, was targeted by a ransomware attack that had a minor influence on the firm and its clients. 

Inetum operates in over 26 countries and provides digital services to businesses in a variety of industries, including aerospace and defense, banking, automotive, energy and utilities, healthcare, insurance, retail, public sector, transportation, telecom, and media. 

The organization is an appealing target for ransomware gangs because it provides services to a big variety of companies and has a revenue of nearly $2 billion. 

On Sunday, December 19, Inetum was the target of a ransomware assault that disrupted some of its French operations but did not expand to broader infrastructures utilized by customers. 

The Group's crisis unit responded promptly to safeguard key links that, if breached, potentially put clients at risk. To that purpose, the operational teams separated all vulnerable network servers and discontinued client VPN connections. 

An initial examination showed that the ransomware variant utilized in the attack was not used during the incident, and also that the recent significant Log4j vulnerability was not abused. 

The virus employed was not disclosed by Inetum Group, although according to Valéry Marchive, editor-in-chief of the French newspaper LeMagIt, the attackers utilized BlackCat ransomware, also known as ALPHV and Noberus. 

The ransomware is written in Rust, which is unusual for ransomware operations and has been utilized in attacks since at least November 18, according to Symantec, a Broadcom business. 

BlackCat offers a lot of advanced techniques and also a very versatile configuration that lets it propagate to other computers, shutdown virtual machines, and ESXi hypervisors, and erase them. 

The attack has been reported to authorities, and Inetum Group is coordinating with specialized cybercrime units. A third party has also been called in to assist with incident response. 

According to the corporation, delivery operations to clients are safe for the time being, and messaging and collaboration systems are unaffected.
Share it:

Cyber Attacks

Inetum

Ransomware attack