Skip to main content

Fujifilm taken down by serious ransomware attack

ID theft
(Image credit: Future)

Japanese conglomerate Fujifilm has shut down parts of its network around the world after falling victim to a suspected ransomware attack.

According to a notice put up on its website, the company confirmed that its headquarters in Tokyo was hit by a ransomware attack on June 2.

As per reports, the disruption to Fujifilm’s network has impacted its subsidiaries around the world. For instance, Fujifilm USA has also added a notice to its website stating that it is currently experiencing problems that have impacted all forms of communications, including emails and incoming calls. 

“In the late evening of June 1, 2021, we became aware of the possibility of a ransomware attack. As a result, we have taken measures to suspend all affected systems in coordination with our various global entities,” read the notice on Fujifilm’s website.

In an earlier version of the now amended notice, Fujifilm said that it wasn’t accepting and processing orders in light of the cyberattack.

Ransomware via a trojan

Although Fujifilm hasn’t yet revealed the names of the threat actors behind the ransomware attack, the CEO of cybersecurity research fim Advanced Intel, told Bleeping Computer that the Qbot trojan has infected Fujifilm in mid May.

Security researchers suggest that trojan writers often work in collaboration with ransomware operators and Qbot is no different.  

In fact, the Qbot creators have a well-documented history of partnering with ransomware operators, including the ProLock and Egregor ransomware gangs.

"Since the underground ransomware turmoil, the Qbot malware group currently works with the REvil ransomware group,"  Kremez told Bleeping Computer.

Recently the US has announced a series of steps to tackle the growing menace of ransomware attacks, including setting up a dedicated ransomware task force, and treating ransomware attacks as acts of terrorism. 

While the Fujifilm headquarters are outside the jurisdiction of the US, the attack has also disrupted the operations of Fujifilm US, which might prompt the US to take stock of the situation.

Via TechCrunch