Security News > 2021 > June > FUJIFILM shuts down network after suspected ransomware attack

FujiFilm is investigating a ransomware attack and has shut down portions of its network to prevent the attack's spread. FujiFilm, also known as just Fuji, is a Japanese multinational conglomerate headquartered in Tokyo, Japan, which initially started in optical film and cameras.

"FUJIFILM Corporation is currently carrying out an investigation into possible unauthorized access to its server from outside of the company. As part of this investigation, the network is partially shut down and disconnected from external correspondence," FUJIFILM said in a statement.

While FUJIFILM has not stated what ransomware group is responsible for the attack, Advanced Intel CEO Vitali Kremez has told BleepingComputer that FUJIFILM was infected with the Qbot trojan last month.

"Since the underground ransomware turmoil, the Qbot malware group currently works with the REvil ransomware group."

In the past, the ProLock and Egregor ransomware gangs partnered with Qbot, but with the shutdown of those operations, the REvil ransomware operation has been utilizing the botnet.

While ransomware has been active since 2012, it has recently gained worldwide attention after the attacks on Colonial Pipeline, the US's largest fuel pipeline, and the world's largest beef producer, JBS. The US government has created a ransomware task force to recommend new policies and guidelines for battling the growing threat.

News URL

https://www.bleepingcomputer.com/news/security/fujifilm-shuts-down-network-after-suspected-ransomware-attack/