The Maze hacking group has stolen ten terabytes of data from Canon due to a ransomware attack on the image and information company.
The malware attack has impacted quite a few of the company’s services, such as their USA website, email, and internal applications.
Successful ransomware attack
Bleeping Computer shared an image of an internal communication concerning the ransomware attack. The communication, called “Message from IT Service Center,” was sent out early yesterday morning.
The communication said, “Attention: Canon USA is experiencing wide spread system issues, affecting multiple applications, Teams, Email and other systems may not be available at this time. We apologize for the inconvenience – a status update will be provided as soon as possible.”
The malware attack impacted a good number of Canon domains. The most important aspect of the hack was the sheer amount of data that was stolen.
The Maze hacking group told Bleeping Computer that they stole “10 terabytes of data, private databases etc” in the ransomware attack. The hackers did not share any information on how much they are demanding in ransom, nor did they offer any proof of the stolen data.
The usual modus operandi for Maze is to expose any data stolen on a data leak site they control if the ransom is not paid.
Bleeping Computer managed to obtain a partial screenshot of the ransom note delivered to Canon. The note states, “We hacked your network and now all your files, documents, photos, databases, and other important data are safely encrypted with reliable algorithms.”
The ransom note continues, “You cannot access the files right now. But do not worry. You can get it back! It is easy to recover in a few steps. We have also downloaded a lot of private data from your network, so in case of not contacting us as soon as possible this data will be released.”
The hackers told Canon that the company has three days to contact Maze or else the hacking group will post information on their public news website. All of the stolen information would be posted seven days after the ransom demand was delivered.
As for now, Canon is “currently investigating the situation.”
A growing list of victims
Canon is the latest company to run afoul of Maze. The hacking group has claimed responsibility for attacks on Xerox, Chubb, Conduent, LG, Cognizant, MaxLinear, and the Florida city of Pensacola.
The last few years have seen the increasing use of ransomware to attack local governments, organizations, and businesses. Singapore alone has seen a 50% increase in such attacks in 2020.
The cost of such attacks is huge. Cybersecurity company Emsisoft estimates that the total global cost of ransomware was US$169 billion [AUS$246 billion] in 2019. Such attacks in Australia last year resulted in over US$1 billion [AUS$1.46 billion] in costs due to downtime and ransoms paid.