fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Finnish IT Services Giant TietoEVRY Discloses Ransomware Attack

Finnish IT Services Giant TietoEVRY Discloses Ransomware Attack

Finnish IT services giant TietoEVRY has suffered a ransomware attack that forced them to disconnect clients’ services.

TietoEVRY is a Finnish software development and IT services company that employs 24,000 people throughout 80 countries. The company earned €2.95 billion in revenue for 2019.

On Monday, TietoEVRY experienced technical issues for 25 customers in the retail, manufacturing, and service-related industries, which was later learned to be caused by a ransomware attack.

After learning of the attack, TietoEVRY disconnected the affected infrastructure and services to prevent the ransomware’s further spread.

Also Read: What Do 4 Messaging Apps Get From You? Read The iOS Privacy App Labels

“Due to the ransomware the affected infrastructure and services were disconnected. Together with the affected customers and our partners, we are working to enable recovery of the operations soonest.”

“All affected customers have been informed and regular updates are being shared with them on the progress,” TietoEVRY disclosed in a press statement.

TietoEVRY says they reported the attack to local authorities, the Norwegian National Security Authority (NSM), and NorCert, who are assisting in the investigation.

“TietoEVRY takes the situation extremely seriously and does upmost to solve it and recover the impacted services soonest possible. We have activated an extended team with the necessary capacity and competence and are working hard to solve the situation”, says Christian Pedersen, Managing Partner in TietoEVRY Norway.

IT services companies are prime targets

IT services companies that provide MSP and MSSP service offerings are a prime target for ransomware gangs due to how these companies operate.

To properly service their clients, MSPs and MSSPs manage their clients through remote connections and software that can quickly push out new updates and fixes as needed.

By targeting MSP/MSSPs, ransomware gangs can use the company’s remote access software and support applications to spread the ransomware to their clients.

Also Read: Key PDPA Amendments 2019/2020 You Should Know

This allows a single attack to create multiple victims to further extort the payment of a ransom.While attacks against IT services companies don’t always affect clients, as we saw with Tyler Technologies and Cognizant, there have been successful REvil and GandCrab ransomware MSP attacks that also encrypted managed customers.

Thx to @chum1ng0 and @cyb5r3Gene for the tip!

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us