"Enterprises must take the time to ensure they've built a strong security foundation, which includes investment in both prevention and detection technologies today if they don't want to be a victim tomorrow", the advisor added.
BleepingComputer had reported on the incident after tracking an outage on Canon's image.canon cloud photo and video storage service. This led BleepingComputer to believe there was more to the story and that they suffered a cyberattack. The mobile application and web browser services of image.canon were suspended while conducting further investigation.
Bleeping Computer also released a statement that the company allegedly sent by its employees that recognize the attack of ransomware and claim to be investigating what happened.
An internal e-mail from Canon IT supposedly stated that the business is experiencing "wide spread system issues affecting multiple applications, Teams, Email, and other systems may not be available at this time".
Partial ransom note from Canon aggressors.
On July 30, 2020, we identified an issue involving the 10GB long-term storage on image.canon.
According to United States site BleepingComputer, 10Tb of data has been stolen, with Canon also suffering from widespread system outages, affecting over 20 of its domains.
However, the gang refused to divulge any more information regarding the attack including proof of stolen data, the ransom amount, and the number of devices encrypted.
During this process, Maze will steal unencrypted files from servers and backups and upload them to the threat actor's servers.
"If you do not contact us in a 3 days we will post information about your breach on our public news website, and on 7 days the whole downloaded info, ' the 'ransom note" informs Canon USA, citing previous examples where the ransomware gang has released sensitive information to encourage the ransom payment. This group of ransomware operators was responsible for other high-profile attacks to institutions like Xerox, LG, Conduent, Chubb, MaxLinear, Cognizant, VT San Antonio Aerospace, and the City of Pensacola, Florida.
Canon, on its part, has now confirmed the security incident, admitting that the company is suffering the effects of a ransomware attack.