close
close

Fujitsu falls victim to a worm-like attack by something that wasn’t ransomware

Fujitsu falls victim to a worm-like attack by something that wasn’t ransomware

After months of investigation, Fujitsu now declares that the malware that infected its systems in a Cyber ​​attack last March It was not ransomware, as previously suspected, and it was also noted that the binary was self-propagating, working its way through the company’s internal networks in Japan.

In its summary of the investigation’s findings this week, the consumer electronics and networking giant confirmed that the malware first took hold on one of Fujitsu’s business PCs and attacked from an external server (it did not mention how it first gained access). The malware was “particularly difficult to detect,” according to Fujitsu, because it used sophisticated techniques to disguise itself while replicating itself to 49 other PCs on the network.

Only the presence in Japan was affected.

“The affected computers were not managed through the cloud services provided by Fujitsu,” the company stated in advice. “In addition, no traces of access to the services provided by Fujitsu to customers were found. The investigation found that the damage did not spread beyond the company’s business computers, including to customers’ network environments.”

Nevertheless, the attack resulted in the exfiltration of data, including files containing “personal or business-related information about specific customers.”

The company said it has since strengthened its security measures, including implementing security monitoring rules for the unspecified malware on all company PCs and improving the features and updates of its virus detection software.