Canon, the optical products company, has suffered a ransomware attack which has emerged as one of the biggest digital threats of recent times and affected numerous organizations in the past.
Canon, the Japanese multinational corporation headquartered in Ōta, Tokyo suffered an outage impacting users of the image.canon photo storage site last week. Now, reports revealed that it may have been hit by a ransomware attack involving the theft of 10TB of data across multiple services.
As per Bleeping Computer, which has acquired a screenshot of what is alleged to be the ransom note, Canon was hit by the notorious Maze ransomware gang on August 5. A source shared an image of a company-wide notification with the publication—titled "Message from IT Service Center" from Canon's IT department.
The notice states that the company is experiencing "widespread system issues affecting multiple applications, Teams, Email, and other systems may not be available at this time."
Maze Ransomware Attack
Maze told the Bleeping Computer that it had stolen 10 terabytes of "data, private databases, etc," as a part of the attack on Canon. However, there is no information about how big the ransom being demanded is and no proof of the data it claims to have stolen as Maze declined to share any further details.
"While we first thought that the image.canon outage was related to the ransomware attack, Maze has told us that it was not caused by them," said the Bleeping Computer.
After the attack on Canon, Brett Callow, a Threat Analyst at Emsisoft told IBTimes Singapore that "Ransomware used to mainly impact smaller businesses but, as attacks have become more sophisticated, there has been a steady increase in the targeting of large enterprise space companies."
According to Callow, the cybercriminals have understood one fact which is "Why to attack small businesses when you can extract multi-million-dollar ransom by attacking multinationals?"
Maze is an enterprise-targeting human-operated ransomware. It can steal unencrypted files from servers as well as backups, and it uploads them to the threat actor's servers. If a victim denies paying the demanded ransom, Maze can distribute the stolen files belonging to the victim on a data leak site, created by threat actors.
Before attacking Canon, Maze claimed responsibility for other high-profile ransomware attacks in the past targeting LG, Xerox, Cognizant, Conduent, MaxLinear, Chubb, VT San Antonio Aerospace, the City of Pensacola, Florida, and more.
However, Canon said they are currently investigating the attack.