Jump to content

Finnish IT giant TietoEVRY discloses ransomware attack

Recommended Posts

Finnish IT giant TietoEVRY discloses ransomware attack




Finnish IT services giant TietoEVRY has suffered a ransomware attack that forced them to disconnect clients' services.


TietoEVRY is a Finnish software development and IT services company that employs 24,000 people throughout 80 countries. The company earned €2.95 billion in revenue for 2019.


On Monday, TietoEVRY experienced technical issues for 25 customers in the retail, manufacturing, and service-related industries, which was later learned to be caused by a ransomware attack.


After learning of the attack, TietoEVRY disconnected the affected infrastructure and services to prevent the ransomware's further spread.

"Due to the ransomware the affected infrastructure and services were disconnected. Together with the affected customers and our partners, we are working to enable recovery of the operations soonest."

"All affected customers have been informed and regular updates are being shared with them on the progress," TietoEVRY disclosed in a press statement.


TietoEVRY says they reported the attack to local authorities, the Norwegian National Security Authority (NSM), and NorCert, who are assisting in the investigation.

"TietoEVRY takes the situation extremely seriously and does upmost to solve it and recover the impacted services soonest possible. We have activated an extended team with the necessary capacity and competence and are working hard to solve the situation", says Christian Pedersen, Managing Partner in TietoEVRY Norway.

IT services companies are prime targets

IT services companies that provide MSP and MSSP service offerings are a prime target for ransomware gangs due to how these companies operate.


To properly service their clients, MSPs and MSSPs manage their clients through remote connections and software that can quickly push out new updates and fixes as needed.


By targeting MSP/MSSPs, ransomware gangs can use the company's remote access software and support applications to spread the ransomware to their clients.


This allows a single attack to create multiple victims to further extort the payment of a ransom.While attacks against IT services companies don't always affect clients, as we saw with Tyler Technologies and Cognizant, there have been successful REvil and GandCrab ransomware MSP attacks that also encrypted managed customers.



Source: Finnish IT giant TietoEVRY discloses ransomware attack

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...