Maze Ransomware Attack Hits Cognizant

New Jersey-based service provider Cognizant is the latest victim of the Maze ransomware attack. This is an unfortunate reality check, proving that hackers don’t stop their calculated, malicious activities for COVID-19. Accordingly, managed service providers (MSPs) are still largely vulnerable to these malicious crimes.

This post provides insight into the latest Maze ransomware attack, followed by a snapshot on the state of cybersecurity, while shedding some light on how to enhance cybersecurity measures.

Cognizant: Latest Victim of the Maze Ransomware Attack

Cognizant, an IT service provider behemoth, is still reeling from the recent Maze ransomware attack on its organization. Maze poses a greater threat compared to other ransomware. Maze not only locks out employees from their network, but it also creates a duplicate copy of all network data, threatening to publish confidential information online if the firm doesn’t agree to pay a ransom. 

Confidential information includes, salaries and bonus details, profit and loss statements (P&L), margins and gross profit information, as well as potential mergers and acquisitions. The attackers don’t care if the firm has a repository of backup data; their only intention is to hold the company’s confidential information for ransom. 

As a result of the attack, some of Cognizant’s employees faced communication disruption due to the deletion of internal directories, leaving the sales team without a way to connect with clients, or vice-versa. 

Cyberattacks: Not the First and Not the Last

This isn’t the first time that cyberespionage has taken advantage of the vulnerabilities stemming from the COVID-19 pandemic. For instance, attackers have been targeting healthcare organizations, including the World Health Organization (WHO) and Hammersmith Medicines Research (HMR), a U.K.-based testing center developing COVID vaccines. 

Since December 2019, cybercriminals have attacked a notable law firm, Chubb Insurance, and of course, a multitude of healthcare institutions. 

Eliminating Alert Fatigue Through Distinguishable Alerts

With a hacking attempt happening every 32 seconds, it’s likely that cybersecurity teams will miss time-sensitive, critical notifications.

It’s essential to have a mechanism in place that triggers distinguishable, audible alerts only for real threats, while cutting through false-positive notifications. This, in tandem with automated alert escalations, can prove to be a powerful solution to resolving critical situations. 

Improving Cybersecurity Measures and Operations

MSPs can enhance their cybersecurity measures by adopting an incident alert management solution. The solution offers encrypted communications, ensuring that team messages are fully secure through a mobile application. This way, teams can trade their insecure email inboxes for a more secure form of communication.

Additionally, an incident alert management solution integrates with remote monitoring and management systems (RMM), combined to deliver immediate alerts regardless of time or geographical location. Efficient alerting improves incident resolution time, protecting confidential information in the process. 

As demonstrated by the latest Maze attack, it’s clear that hackers aren’t hibernating during these unprecedented times. Rather, they’re leaving no stone unturned to take advantage of the current pandemic. 

Enhancing cybersecurity measures requires organizations to adopt an incident alert management solution, providing secure communications in times of crisis. This way, MSPs, such as Cognizant, can fend off malicious threats to achieve customer service excellence, while protecting sensitive, internal information.