UPDATED 21:39 EST / FEBRUARY 09 2021

‘Cyberpunk 2077’ maker CD Projekt struck by ransomware attack

Video game developer CD Projekt S.A., the maker of “Cyberpunk 2077,” has been struck by a ransomware attack that resulted in data being stolen.

The company said in a tweeted statement today it detected a cyberattack that compromised some of its internal systems Feb. 8. An unidentified actor is described as collecting certain data belonging to the CD Projekt capital group and leaving a ransom note.

The attackers claimed in the ransom note that they had stolen the source code for the games “Cyberpunk 2077,” “Witcher 3,” “Gwent” and an unreleased version of “Witcher 3,” along with documents relating to accounting, administration, legal, human resources, investor relations and more.

CD Projekt noted that although some devices in its network had been encrypted, backups remained intact and it had begun restoring data. “We will not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of compromised data,” the company said. The compromised systems did not include any personal data of players and users of the company’s services.

Although CD Projekt did not reveal the form of ransomware, security researcher Fabian Wosar from Emsisoft Ltd. said the attack involved HelloKitty — not the cute Japanese cartoon character but a form of ransomware and a related group that has been active since November.

CD Projekt added that it has contacted authorities and engaged information technology forensic specialists to investigate the attack.

“CD Projekt is the studio that produced ‘Cyberpunk 2077,’ one of the biggest and most high-profile releases across all media in 2020,” Simon Mullis, director of technical account management at endpoint security and systems management company Tanium Inc., told SiliconANGLE. “Aside from the ‘life imitates art’ nature of this story — given the subject matter of the game — this attack shows that anyone can be vulnerable to ransomware, even tech-savvy organizations.”

In companies the size of CD Projekt, which has more than 1,000 staffers, there’s often a silo between IT operations and security, Mullis explained. “This division can cut off visibility of what’s going on in a corporate network and leave organizations exposed to disruption, reputation damage and significant financial cost,” he said. “When organizations encourage collaboration between these two teams, they are more likely to achieve the high level of IT hygiene that’s needed to achieve a good level of defense against ransomware attacks.”

Jon Niccolls, an incident response lead at cybersecurity solutions provider Check Point Software Technologies Ltd., noted that these so-called double extortion ransomware attacks, where the hackers steal data and threaten to leak it unless their demands are met, are increasingly common: In the third quarter of 2020, nearly half of all ransomware incidents included a threat of releasing stolen data.

“It’s a trend that will continue to grow because it puts extra pressure on organizations to pay the ransom, or risk fines from data watchdogs if volumes of individuals’ data are compromised and publicly disclosed by the hackers,” he said.

Photo: Spy-cicle/Wikimedia Commons
