fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

CompuCom MSP Expects Over $20M In Losses After Ransomware Attack

CompuCom MSP Expects Over $20M In Losses After Ransomware Attack

American managed service provider CompuCom is expecting losses of over $20 million following this month’s DarkSide ransomware attack that took down most of its systems.

CompuCom is an IT managed services provider (MSP) and a wholly-owned subsidiary of The ODP Corporation (Office Depot/Office Max).

The MSP’s workforce of over 8,000 employees provides hardware and software repair, remote support, and other tech services to high-profile companies, including Citibank, Home Depot, Wells Fargo, Target, Trust Bank, and Lowe’s.

Some expenses to be covered by cyber insurance

“The Company estimates the loss of revenue to be between $5.0 million and $8.0 million as a result of the incident (primarily because of CompuCom’s need to temporarily suspend certain services to certain customers),” CompuCom’s parent company, ODP Corporation, revealed on Friday.

“In addition, the Company expects to incur expenses of up to $20 million, of which the Company assumes approximately $10 million will be accrued through the first quarter of 2021.”

The expenses are mainly related to the company’s ongoing efforts to restore impacted systems and services, as well as “to address certain other matters resulting from the incident.”

CompuCom also expects that a share of the expenses incurred after the ransomware attack will be covered by cyber insurance.

“The Company carries insurance, including cyber insurance, which it believes to be commensurate with its size and the nature of its operations and expects that a portion of these costs may be covered by insurance,” ODP Corporation added.

The MSP is still working on restoring service delivery to customers since the ransomware hit its network and expects to “have service delivery restored to substantially all of its customers” by the end of March.

Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business

Ransomware deployed using Cobalt Strike beacons

After discovering that DarkSide ransomware’s operators started encrypting CompuCom’s systems, the MSP disconnected their access to some customers to block the malware from spreading.

The company also notified the customers that they were compromised by malware soon after the attack, but didn’t share any info about a possible ransomware attack.

After going through the first stages of the incident’s investigation, CompuCom reached out to customers with a ‘Customer FAQ Regarding Malware Incident’ containing additional details.

According to the FAQ, the threat actors installed Cobalt Strike beacons on several systems in CompuCom’s environment, beacons that allowed them to steal data, spread to other network devices, and eventually deploy the ransomware payloads on February 28.

Also Read: Data Protection Officer Singapore | 10 FAQs

DarkSide ransomware hit other organizations in the past, including the Brazilian Eletrobras and Copel energy companiesDiscount Car and Truck Rentals, and Brookfield Residential.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us