The company has been targeted by “Maze” ransomware group. Cognizant has over 300,000 employees. It is working with law enforcement authorities to investigate the attack. The company released a statement on Saturday that said, “Cognizant can confirm that a security incident involving our internal systems, and causing service disruptions for some of our clients, is the result of a Maze ransomware attack.”
While there are no more details of the attack, Cognizant has started communicating with the impacted clients on the measures to be taken by them. The internal security teams supplemented by leading cyber defence firms are taking steps to contain the incident. The IT firm has provided the clients with Indicators of Compromise (IOCs) and other technical information of a defensive nature.
The hackers behind Maze have been in news for holding its victims hostage by threatening them to leak the information if the company does not pay its ransom. Typical ransomware attacks infect computers in a network and encrypt files on these computers to demand a ransom. Maze ransomware attackers are a little different. They exfiltrate or transfer the data onto their server. The data is held until a ransom is paid to recover it. If the victim does not pay, Maze attackers publish the data online.
Several large companies have been attacked by Maze in the past. The FBI has warned business in December about the increase in Maze-related incidents. Cognizant is yet to be named on a website associated with Maze attackers.