Cygilant actually protects other companies from cyber attacks. Now the start-up itself has a serious security problem.
It is the nightmare of every company: If a blackmail trojan finds its way into the company network and begins its nasty work, it can, in the worst case, paralyze the work of the entire company. The breakdown not only has to be fixed, but the failure also has to be explained to the customer. For the start-up Cygilant, which has now been paralyzed by a blackmail Trojan, the latter is likely to be particularly embarrassing: Its main product is IT security at other companies.
The company was “aware of an extortion Trojan attack that affects parts of Cygilant’s technical equipment,” said CFO Christina Lattuca in a statement according to “Techcrunch”. “Our cyber defense and the response team acted quickly and decisively to stop the attack from progressing.” You are also working with an external team for digital forensics and law enforcement agencies to fully investigate the attack and its extent.
According to the assumptions of the analysts at Emisoft, the hacking group Netwalker is behind the attack. The malware used by the group not only encrypts the victims ‘servers and hard drives, but also downloads the data to the hackers’ servers. This is to prevent the victims from being able to save their data themselves: If they do not pay, the attackers threaten to openly upload the data to the network. Using this method, Netwalker is said to have made nearly $ 30 million since March.
How far the Cygilant attack had progressed and what impact it had on the company’s operations is unknown. If the defense was successful, the start-up may have communicated differently. The question of whether you have paid the ransom or are willing to do so also remains unanswered. Screenshots from the internal Cygilant servers are said to have already appeared in the Dark Net. In the meantime, according to “Techcrunch”, the data seem to have disappeared again.
The attack is particularly embarrassing for Cygilant. The start-up, which was supported in 2017 with a venture capital investment of seven million dollars, offers other companies cybersecurity as a bookable service package. You can advise on the security equipment, rent the relevant hardware and maintain it, including closing security gaps. The hacking attack that has now taken place is unlikely to be of any use as an advertising measure.