The Maze ransomware campaign seems to be hitting fever pitch. Starting in November 2019, Maze ransomware, which not only encrypts files but also makes a copy of them, has been changing the threat landscape. With this development, ransomware has become even more dangerous as attackers now hold all the proverbial cards.
It is this reality that Cognizant, a multinational IT services corporation and Fortune 500 member, is dealing with. On their website, Cognizant confirmed that it is indeed dealing with the feared Maze ransomware variant.
The security warning on their website reads as follows:
Cognizant can confirm that a security incident involving our internal systems, and causing service disruptions for some of our clients, is the result of a Maze ransomware attack. Our internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident. Cognizant has also engaged with the appropriate law enforcement authorities. We are in ongoing communication with our clients and have provided them with Indicators of Compromise (IOCs) and other technical information of a defensive nature.
There is no publicly available information, as of this article’s writing, that indicates just how Cognizant was infected with Maze ransomware. What is certain is that, no matter how the company handles this, there is no real “beneficial” option. They cannot hit reset and hope that wiping their systems will take care of things. Maze ransomware has effectively made this desperation tactic impossible by copying all files.
If Cognizant pays the ransom, there is no guarantee that the criminals will keep the data hidden. On the other hand, if Cognizant doesn’t pay the ransom, the data will absolutely be leaked. Previous Maze victims have reported this very thing occurring when they refused to comply with the threat actor’s demands.
As this case develops, and as more Maze ransomware infections occur, there will be up-to-date reporting by TechGenix on the issue. One thing is certain, ransomware attacks are never going to be the same.
Featured image: Flickr / Christiaan Colen