Exploit: Ransomware
Canon: Optical and Imaging Products Manufacturer
Risk to Small Business: 2.231 = Severe
International equipment behemoth Canon reported in a letter to staffers that it had been the victim of a ransomware attack that Canon impacted numerous services, including Canon’s internal email, Microsoft Teams, USA website, and other essential business applications. The Maze ransomware group has claimed credit for the successful attack and disruption of Canon’s business systems. Maze operators stated that they extracted 10 terabytes of data on private databases in the attack. Canon notes that some users’ still image and video image data stored in its image.canon cloud photo platform involving the 10GB long-term storage option was missing but offered no details as to the type of images that were taken.
Individual Risk: At this time, there is no available information about the nature or provenance of the stolen data.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Maze ransomware attacks typically start with gaining access to an average employee account and using that to gain access to accounts with greater privilege – and the vast majority of ransomware attacks start off as phishing.
Source:
https://www.bleepingcomputer.com/news/security/canon-confirms-ransomware-attack-in-internal-memo