Business Operation Gets Shut Down as FujiFilm Suffers An Attack

 

On Wednesday 2nd June, Fujifilm released a short statement to reveal the illegitimate infiltration of its server by foreign parties. However, it did not specify that whether the ransomware component used in the attack was recognized, whether any information was exfiltrated from its Internet, or whether attackers approached them for a ransom. 

Earlier on 4th June, Japan's global Fujifilm group formally announced that perhaps a ransomware attack that impacted corporate operational activities had been committed earlier in this week. 

“FUJIFILM Corporation is currently carrying out an investigation into possible unauthorized access to its server from outside of the company. As part of this investigation, the network is partially shut down and disconnected from external correspondence,” stated Fujifilm. 

In various interactions with Fujifilm employees though, it looked internally that ransomware was responsible for the attack and that the business had to disconnect pieces of its network around the world. 

Fujifilm advised their staff to shut down their laptops and all other servers immediately at roughly 10:00 AM EST on Tuesday. The network failure also blocked the email, the billing system, and the reporting system from being accessed. Fujifilm has also incorporated warning to its consumers of disruption of their operation to alert their customers. 

Whereas the ransomware gang behind the attack has still not been named, the REvil ransomware campaign is thought to be the case. The REvil ransomware gang will infiltrate a system and steadily expand to several other machines while collecting unencrypted data via the remote access offered by the Trojan. 

Once they get access to a domain admin account in the Windows domain and collect valuables, then they can use the ransomware to encrypt devices across the system. 

Operation DarkSide ransomware targeted last month the largest US petroleum pipeline, the Colonial Pipeline. In certain States it caused the pipeline to be shut down.

Last month, the Conti ransomware group attacked the HSE, the public health service in Ireland, and the Department of Health, leading to a major disturbance in health care services. 

"It will be a topic of discussion in direct, one-on-one discussions — or direct discussions with President Putin and President Biden happening in just a couple of weeks," Psaki said at the press briefing.