Canon appears to have been hit by a cyber-attack that disrupted its image.canon cloud storage services as well as affected the company’s US website and various internal applications. Although the imaging giant has not yet commented on the matter, a report suggests that the attack used enterprise-centric table ransomware. Canon posted a note on its image.canon website suspending its mobile app and web browser services. The new development comes just days after wearable maker Garmin faced a ransomware attack that affected its services worldwide.
A note posted on the image.canon website states that the problem was detected on July 30, and that it affected the service’s 10GB long-term storage feature that allows users to store their photos and videos in the cloud.
“After investigation, we discovered that some photo and video image files stored in 10GB long-term storage before 9:00 am (JST) on June 16, 2020 were lost. We have ensured that the static image thumbnails of the affected files are not affected and the image data is not leaked, “the company said in a note.
Canon’s image.canon website carries a note detailing the breach, although it does not say anything about ransomware attacks.
In addition to the image.canon service, more than two dozen Canon domains appear to have been affected by ongoing disruptions. The company’s US website is also not accessible, although it says downtime is due to some maintenance.
Blipping Computer reports that an internal notification sent by Canon’s IT department informed its employees of “widespread spread system issues affecting multiple applications, teams, emails and other systems.” A partial screenshot of the alleged Canon ransom note was also obtained by the publication, indicating that Maj Ransomware was used in the attack. The hacker group behind the attack also told Blipping Computer that it had stolen 10 TB of data as well as personal databases.
John Shearer, a senior security adviser at Sophos, a cybersecurity solution provider, said: “The ransomware attack on Canon is another example of the Maze Gang’s sustainable and shameless targeting of enterprises.” “Many of these attacks begin with external services or general phishing campaigns. Successful campaigns often follow a live-of-the-land strategy, abusing extra privileged and less-secure accounts and simply hiding.”
This is not the first time Maze ransomware has been named in an enterprise scandal. It has been used in attacks on several companies in the past, including Cognizant, LG and Xerox.
Gadgets 360 has reached out to Canon for clarity on this and whether it has affected Indian users or whether it is limited to certain markets. We still haven’t heard from the company; However, in a statement to Blipping Computer, the company noted that it was currently investigating the situation.
In 2020, will WhatsApp get the killer feature that every Indian is waiting for? We discussed this in Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS, download episodes, or press the play button below.