Security News > 2021 > June > FUJIFILM shuts down network after suspected ransomware attack
FujiFilm is investigating a ransomware attack and has shut down portions of its network to prevent the attack's spread. FujiFilm, also known as just Fuji, is a Japanese multinational conglomerate headquartered in Tokyo, Japan, which initially started in optical film and cameras.
"FUJIFILM Corporation is currently carrying out an investigation into possible unauthorized access to its server from outside of the company. As part of this investigation, the network is partially shut down and disconnected from external correspondence," FUJIFILM said in a statement.
While FUJIFILM has not stated what ransomware group is responsible for the attack, Advanced Intel CEO Vitali Kremez has told BleepingComputer that FUJIFILM was infected with the Qbot trojan last month.
"Since the underground ransomware turmoil, the Qbot malware group currently works with the REvil ransomware group."
In the past, the ProLock and Egregor ransomware gangs partnered with Qbot, but with the shutdown of those operations, the REvil ransomware operation has been utilizing the botnet.
While ransomware has been active since 2012, it has recently gained worldwide attention after the attacks on Colonial Pipeline, the US's largest fuel pipeline, and the world's largest beef producer, JBS. The US government has created a ransomware task force to recommend new policies and guidelines for battling the growing threat.
News URL
Related news
- Sensata Technologies hit by ransomware attack impacting operations (source)
- Ransomware attack cost IKEA operator in Eastern Europe $23 million (source)
- Kidney dialysis firm DaVita hit by weekend ransomware attack (source)
- Ahold Delhaize confirms data theft after INC ransomware claims attack (source)
- Interlock ransomware gang pushes fake IT tools in ClickFix attacks (source)
- Interlock ransomware claims DaVita attack, leaks stolen data (source)
- Ransomware attacks are getting smarter, harder to stop (source)
- Hitachi Vantara takes servers offline after Akira ransomware attack (source)
- Marks & Spencer breach linked to Scattered Spider ransomware attack (source)
- Ukrainian extradited to US for Nefilim ransomware attacks (source)