Panasonic suffered a malware-based cyberattack in February targeting Canadian operations.
The infamous Conti ransomware group has claimed responsibility for the attack and theft of over 2.8 GB worth of data from Panasonic Canada. Panasonic did not dispute that the incident was the result of a ransomware attack and did not share details on what data was accessed or which personnel were affected.
“We took immediate action to address the issue with assistance from cybersecurity experts and our service providers,” said Panasonic spokesperson Airi Minobe. “This included identifying the scope of impact, containing the malware, cleaning and restoring servers, rebuilding applications and communicating rapidly with affected customers and relevant authorities.”
So far on Conti’s leak page, there are documents that seem to be related to internal files, spreadsheets, and information belonging to both HR and Accounting departments for Panasonic.
Danny Lopez, CEO, Glasswall shared his perspective on this attack:
“Panasonic is not alone. Ransomware attacks across industries are on the rise.
Organisations need to adopt robust processes for onboarding and offboarding employees and affiliates that may receive access to key information systems. It's vital to control privileged access and to monitor those that enjoy that administrator privilege. Ensuring that multi-factor authentication is enforced wherever possible, is a vital defence where user credentials find their way into the public domain. This will help to limit the blast radius, and in most cases, defeat the data breach.
Even if all procedures and policies are well executed, then there's no escaping the fact that adversaries are constantly looking to probe vulnerabilities and to insert malware into the environment, often using everyday business documents which we all use. It's vital that organisations invest in cyber protection services that stay ahead of attackers by eliminating the threats while still allowing employees to do their vital work.
Attacks like these demonstrate that a traditional castle-and-moat approach to network security leaves organisations exposed. Zero trust security sees the world differently. No one is trusted by default, regardless of whether they are inside or outside a network. In a world where data can be held amongst multiple cloud providers it is crucial to strengthen all processes relating to access verification. Without a zero trust approach organisations run the risk of attackers having a free reign across a network once they are inside.”