French media is reporting that the Bouygues Group’s construction subsidiary has been hit by a massive ransomware attack. The entire computer network has been affected, and all of the company’s servers shut down. A ransom of 10 million Euros has been requested, and at least 200GB of data already stolen.
The @Bouygues_C computer network has been the victim of an act of cybercrime. We are doing everything we can to get back to normal as soon as possible. We are in close contact with our customers and partners as well as the relevant authorities. https://t.co/eHW3qoJMlD
— BouyguesConstruction (@Bouygues_C) January 31, 2020
Experts Comments
With these type of high velocity attacks time is the defending security team’s most precious resource.
We’ve recently seen multiple Maze ransomware attacks and data leaks, particularly in the US which prompted the FBI to put out warnings late last year. The attacks on Bouygues are thought to have spread from their US operations and widely disrupted their global IT operations.
Ransomware is an insidious threat spreading virulently at machine speed across the victim’s internal networks, and there are no perfect defences. With these type of high velocity attacks time is the defending.....Read More
The ransomware uses RSA-2048 and ChaCha20 encryption and normally requires the victim to contact the threat actor by email for the decryption key.
The threat actors behind the Maze ransomware attacks are responsible for this attack and they are known to steal the victim's data before encrypting it. If the data is also stolen, the threat actors can use this to threaten Bouygues Construction to publicly release their data unless a ransom is paid. The company has responded professionally by acknowledging the attack and this is vital step in responding to such cyber attacks.
The ransomware Maze has hit a range of firms in the past including.....Read More
Dot Your Expert Comments
Only for registered and approved experts. Please register before providing comments. Register here
Linkedin Message
@Sam Curry, Chief Security Officer, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Recovery is paramount and continual improvement and learning after the discovery is critical. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/bouygues-construction-paralysed-by-a-major-cyber-attack-experts-insight
Facebook Message
@Sam Curry, Chief Security Officer, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Recovery is paramount and continual improvement and learning after the discovery is critical. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/bouygues-construction-paralysed-by-a-major-cyber-attack-experts-insight