Reports from several news outlets, including BleepingComputer and Security Week, are stating that print giant Xerox has been a victim of ransomware. The Maze Ransomware operators are claiming to have breached Xerox's network and stolen more than 100 GB of customer information. They are demanding a ransom payment, or they will publish the data that could contain financial documents and other sensitive customer information. Xerox has not yet responded.
The Maze Group has been hitting large IT companies over the last year, including LG Electronics and Managed IT Giant Cognizant. What is particularly concerning about Maze Ransomware is that it demands money to provide decryptors to get your data back. Then it comes back for a second ransom to not publish the data they've stolen online.
What is Maze?
Maze is a type of Windows ransomware that spreads across your network, infecting computers and encrypting data so it cannot be accessed. But Maze also steals that data and sends it to servers run by cybercriminals, causing a data breach. This combination of a ransomware attack and data breach holds your data hostage until you pay the first ransom. Then they threaten to sell your data to other outlets, creating the possibility of attacks on your clients and partners well.
As ransomware attacks have increased in frequency, companies have realized that a useful data backup program allows for the restoration of data in case of an attack. To maximize their schemes, hackers have developed this new type of threat to make more money from victims. The Maze Group is particularly bold, publishing a website that includes details about the victims of their attacks, when they occurred, and even links to stolen data to show they aren't lying.
How Does Maze Get Into A Network
The Maze ransomware exploits unpatched vulnerabilities, remote desktop connections with weak passwords or a bogus email attachment or link. In some instances, attacks can come from a client or vendor you work with who has already been a victim of Maze.
How You Can Protect Yourself From Maze
Protecting your business from any cyberattack involves several things, including:
- Maintain secure offsite backups of your data.
- Ensure your computers have all of the latest patches installed to protect against vulnerabilities.
- Use strong, unique passwords to protect your accounts and data, and enable multi-factor authentication whenever possible.
- Encrypt all sensitive data.
- Train employees about how hackers operate when trying to gain unauthorized access to your company's network and data to recognize red flags and report them quickly.
If your company falls victim to a Maze attack or any cybersecurity attack, the FBI recommends you contact law enforcement immediately to report the incident and request assistance. The FBI also provides this valuable ebook on protecting your networks from ransomware for more tips.
Fraser's Managed IT Services Group provides the services you need to keep your data and network protected, including network management, data backup and recovery, dark web monitoring and IT security. To learn more about Fraser's cybersecurity offerings, schedule an assessment today with our experts.