On June 4th, Fujifilm disclosed that they had in fact suffered a ransomware attack on June 1st that disrupted its business operations. The disruption prevented access to email, the billing system, and a reporting system. It affected the Japanese network, as well as the company’s computer systems in the US, Europe, the Middle East and Africa.
The fact that the ransomware attacked happened was the big story so much as the fact that Fujifilm has refused to pay the ransom. A spokesperson for Fujifilm commented: “Fujifilm Corporation in Tokyo does not comment on the demand but I can confirm we have not paid any ransom.” The same spokesperson also said: “Fujifilm does have backups in place as a part of its normal operation procedure aligned with its policy.”
Because Fujifilm had access to their backups, they have started bringing their network, servers, and computers in Japan “back into operation” and is aiming to be fully up and running “this week”. Many companies in Fujifilm’s position feel pressured into paying the ransom because they either don’t have complete back-ups that weren’t also infected, but because the hackers have also stolen data while they were on the network and have threatened to release the sensitive data publicly.
Jake Moore, cybersecurity specialist at internet security firm ESET, told The Verdict, that refusing to pay a ransom is “not a decision to be taken lightly.” Fujifilm Europe has said that they are “highly confident that no loss, destruction, alteration, unauthorized use or disclosure of our data, or our customers’ data, on Fujifilm Europe’s systems has been detected.” Which explains Fuji’s decision to not pay the ransom. It remains to be seen in time if in fact the hackers were able to extract any confidential data from Fujifilm’s Japanese network.
Cyber security experts, as well as law enforcement agencies often warn against paying the ransom as you cannot guarantee that the data will be restored, and you have no guarantee that the criminals will not release the data some day. Best practices you should consider include:
- Have offline and offsite data backups so you can quickly restore your network.
- Prompt patching and updating of critical systems.
- Segmented networks to help stop the spread of ransomware/malware through the network.
- Cyber awareness training for all staff.
If you want to learn more how to protect yourself from ransomware, and to avoid having to make a ransomware payment, contact Quick Protect today.