Sopra Steria confirms it was hit by new strain of Ryuk ransomware, will take weeks to return to normal operations

Sopra Steria confirms it was hit by new strain of Ryuk ransomware, will take weeks to return to normal operations




European IT services group Sopra Steria has shared more details of the cyber attack which hit its offices last week, confirming speculation that it fell victim to a ransomware attack.


According to a press release issued by the firm, Sopra Steria first discovered it was under attack on the evening of 20 October, and has since identified that the culprit was a “new version” of the notorious Ryuk ransomware.


According to Sopra Steria, it has since shared samples of the ransomware with anti-virus vendors and computer crime-fighting agencies.



“Sopra Steria’s investigation teams immediately provided the competent authorities with all information required. The Group was able to quickly make this new version’s virus signature available to all antivirus software providers, in order for them to update their antivirus software.”


“Moreover, it has also been established that the cyberattack was only launched a few days before it was detected.”



Sopra Steria says that it has investigated the attack and “has not identified any leaked data or damage caused to its customers’ information systems.”


Let’s hope that they’re right, as ransomware which exfiltrates sensitive information from corporate networks is clearly a much bigger headache both for the company infected and its customers and partners.


No information has been shared regarding precisely how the Ryuk ransomware might have infected and then spread across Sopra Steria’s network, but often times the initial attack will take place through a carefully crafted malicious email.




Sign up to our newsletterSecurity news, advice, and tips.

Int ..

Support the originator by clicking the read the rest link below.