Reports from several news outlets, including BleepingComputer and Security Week, are stating that print giant Xerox has been a victim of ransomware. The Maze Ransomware operators are claiming to have breached Xerox's network and stolen more than 100 GB of customer information. They are demanding a ransom payment, or they will publish the data that could contain financial documents and other sensitive customer information. Xerox has not yet responded.
The Maze Group has been hitting large IT companies over the last year, including LG Electronics and Managed IT Giant Cognizant. What is particularly concerning about Maze Ransomware is that it demands money to provide decryptors to get your data back. Then it comes back for a second ransom to not publish the data they've stolen online.
Maze is a type of Windows ransomware that spreads across your network, infecting computers and encrypting data so it cannot be accessed. But Maze also steals that data and sends it to servers run by cybercriminals, causing a data breach. This combination of a ransomware attack and data breach holds your data hostage until you pay the first ransom. Then they threaten to sell your data to other outlets, creating the possibility of attacks on your clients and partners well.
As ransomware attacks have increased in frequency, companies have realized that a useful data backup program allows for the restoration of data in case of an attack. To maximize their schemes, hackers have developed this new type of threat to make more money from victims. The Maze Group is particularly bold, publishing a website that includes details about the victims of their attacks, when they occurred, and even links to stolen data to show they aren't lying.
The Maze ransomware exploits unpatched vulnerabilities, remote desktop connections with weak passwords or a bogus email attachment or link. In some instances, attacks can come from a client or vendor you work with who has already been a victim of Maze.
Protecting your business from any cyberattack involves several things, including:
If your company falls victim to a Maze attack or any cybersecurity attack, the FBI recommends you contact law enforcement immediately to report the incident and request assistance. The FBI also provides this valuable ebook on protecting your networks from ransomware for more tips.
Fraser's Managed IT Services Group provides the services you need to keep your data and network protected, including network management, data backup and recovery, dark web monitoring and IT security. To learn more about Fraser's cybersecurity offerings, schedule an assessment today with our experts.