Threat Management, Malware, Ransomware

Maze ransomware attack catches IT services firm Cognizant unawares

Digital solutions provider and IT consultant giant Cognizant has been struck by a Maze ransomware attack that infected its systems and caused service disruptions to its clients.

The Teaneck, N.J.-based company, with roughly $15 billion in revenue, confirmed the incident in a press release over the weekend. Cognizant serves a wide spectrum of industries, including banking, consumer goods, healthcare, manufacturing, retail, and transportation and logistics -- all of which could use IT support and strategy during the ongoing coronavirus pandemic, when business systems are especially strained and stressed.

"It's one of the fundamental security challenges in the 21st century: Your company may be buttoned up, but your business partners, vendors and service providers may be at risk," said Jake Olcott, VP at BitSight. "The massive shift to work from home is only exacerbating the third party risk management challenge. Companies struggle to manage risk from their own remote workforce. Now, each one of their business partners and vendors has their own remote workforce. The attack surface has just exploded overnight."

"Our internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident," Cognizant's press release states. "Cognizant has also engaged with the appropriate law enforcement authorities. We are in ongoing communication with our clients and have provided them with Indicators of Compromise (IOCs) and other technical information of a defensive nature," it continues.

"The Maze ransomware is part of a new wave of particularly devious strains of ransomware which steals data before encrypting it and threatens to release this stolen data if the victim organization does not pay. Therefore, even if an organization has backups from which they can restore data and continue operations, it would not be enough to mitigate all the threats," said Javvad Malik, security awareness advocate at KnowBe4. "A layered defense is therefore essential, so that organizations make it difficult for criminals to install ransomware, and if they do, detect exfiltration and encryption of data."

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.