Medical systems maker Olympus Global, one of the largest producers of endoscopes worldwide, has issued an advisory warning of a potential security breach and cyberattack. The Japan-based company issued the notice on its website in mid-October. (The company, once best known for producing cameras and binoculars, is strictly a medical device maker now. Since January, the cameras and other consumer products are produced and sold by a separate company, OM Digital Solutions.) The notice, which has the headline, “Investigating potential cybersecurity incident affecting our IT system in the Americas,” reads in part as follows:
Upon detection of suspicious activity, we immediately mobilized a specialized response team including forensics experts, and we are currently working with the highest priority to resolve this issue. As part of the investigation and containment, we have suspended affected systems and have informed the relevant external partners. The current results of our investigation indicate the incident was contained to the Americas with no known impact to other regions.
We are working with appropriate third parties on this situation and will continue to take all necessary measures to serve our customers and business partners in a secure way. Protecting our customers and partners and maintaining their trust in us is our highest priority.
Our investigation is ongoing and we are committed to transparent disclosure and will continue to provide updates as new information becomes available.
While the Olympus notice states that it is a “potential” cyberattack, the company’s response suggests it is all but confirmed to be one. A major corporation would not mobilize such a major response, including allowing third-party experts access to their internal network if this was not a known attack. There is not much to go on outside of this release, but considering the state of most corporate attacks, ransomware is likely the cause. Nothing has the ability to shut down operations, especially in such quick succession, as ransomware attacks do.
In an interview with Infosecurity Magazine, this sentiment was echoed by Heather Gantt-Evans, the CISO of SailPoint. In this interview, Gantt-Evans stated the following:
Organizations are at risk of repeat attacks, whether that’s from the threat actor that breached their systems the first time, or one of their affiliates. They may also employ double extortion tactics where even after the ransom is paid to unencrypt the data, the threat actor will request more money later on to not release the victim’s stolen data publicly.”
If any more information is issued by Olympus Global, it will be reported on.
Featured image: Freepik / Computer vector created by Macrovector