Maze ransomware attack, Made Cognizant at stake


Cognizant , the New-Jersey headquartered IT services provider said that it had faced a Maze ransomware attack and has caused disruptions to its clients, resulting in service disruptions for some of its clients.


Ransomware is a type of malicious program used by hackers to take control of files in an infected system and then demand hefty payments to recover them.

The information technology services provider said it was taking steps to contain the incident, with the help of cyber defense companies, and has also engaged with law enforcement authorities.


According to McAfee, hackers who deploy Maze threaten to release information on the internet if the targeted companies fail to pay.


Cognizant can confirm that a security incident involving our internal systems, and causing service disruptions for some of our clients, is the result of a Maze ransomware attack,” the company said in a statement. Cognizant, employs close to 300,000 employees mostly based in India, offers IT consulting to various Fortune 500 companies. 


“We are in ongoing communication with our clients and have provided them with indicators of compromise and other technical information of a defensive nature,” Cognizant added.


The anonymous hackers behind Maze have made headlines in recent months for publicly holding its victims hostage, threatening to leak company information if the target doesn’t pay its ransom. Though hackers linked to Maze have denied involvement in the attack on Cognizant, experts said it could have been the handiwork of some anonymous hackers.


Other than encrypting data, it is able to spread across a network, infecting and encrypting every computer on its path, and it can also exfiltrate the data to the attackers,” said Saket Modi, CEO of Lucideus, an enterprise cybersecurity platform company.


 “Though Maze operators have denied the attack, it has still been categorized as Maze because the listed indicators of compromise included IP addresses of servers and file hashes, which are known to be used in previous attacks by Maze actors.”


The Maze operators denied responsibility for the cyber attack, according to security website BleepingComputer https://bit.ly/3bl88ol. However, the report added that Maze is likely not discussing it to avoid complications at this early stage.


Insurer Chubb Ltd in March was hit by a computer security incident that may have involved unauthorized access to data held by an outside service provider. A group that deploys the Maze ransomware claimed to have locked up devices on Chubb’s network during March, according to Bleeping Computer.


At a time when more than 90 per cent of employees of IT services firms globally are working from home, such attack indicates a worrying trend. While there has been a significant rise in phishing attacks in the guise of Covid-19 themed websites, the ransomware attack seems to be the most severe form of such attempts at this point of time.

Attachments area