Information technology services company Cognizant Technology Solutions Corp. has been hit by a ransomware attack with part of its systems being taken offline over the weekend.

In a statement April 18, Cognizant admitted to a security incident involving its internal systems and said its issues were related to a Maze ransomware attack. The company added that internal security teams, supplemented by leading cyberdefense firms,are actively taking steps to contain this incident as well as reporting the attack to law enforcement authorities.

Maze ransomware has been in the news regularly over the last two months. Maze ransomware was used in an attack on Chubb Group Holdings Inc. March 26 as well as an attack on Hammersmith Medicines Research Ltd., a company developing a COVID-19 vaccine that resulted in private data being revealed March 22.

Ransomware attacks are a dime a dozen in 2020, though the Maze attacks differ in that those behind them publish the data when ransoms are not paid. Cognizant’s outright disclosure upfront of the form of the ransomware attack may be a forewarning of a data breach to come.

Javvad Malik, security awareness advocate at security awareness training firm KnowBe4 Inc., told SiliconANGLE that the Maze ransomware is part of a new wave of “particularly devious” strains of ransomware that steal data before encrypting it and threatens to release this stolen data if the victim organization does not pay. “Therefore, even if an organization has backups from which they can restore data and continue operations, it would not be enough to mitigate all the threats,” he said.

Sam Roguine, director at enterprise backup solutions company Arcserve LLC, noted that the attack shows that Maze ransomware gang isn’t backing down.

“While the hackers have yet to threaten to publish the company’s data if the ransom isn’t paid, encrypting and leveraging data as a bargaining tool is typical for Maze, meaning that affected companies such as Cognizant must treat attacks like these as data breaches,” Roguine said. “While cybersecurity measures should always be in place to quickly identify when a network has been infiltrated, businesses should also proactively protect backups in case they do fall victim to an attack. Companies must ensure they have a proper data protection plan in place that protects backups and ensures they’re clean and recoverable.”

Photo: cognizant-worldwide/Flickr