IoT specialist Software AG hit by $23mn ransomware attack accessing staff data

Software AG, a Germany-based enterprise software company, has become the latest technology company to report a major ransomware attack, Jeremy Cowan reports.

Unconfirmed reports in German media indicate that employee data including passport & ID information and internal emails, have been accessed and encrypted by a gang named Clop after the ransomware it uses. A ransom of US$23 million is said to have been demanded for the data’s release. The IT company has annual revenues of more than €800 million.

According to the Darmstadt company, the attack began on the evening of October 3rd and Software AG was forced to suspend all internal communications. This took its customer helpdesk offline – a situation that continues at the time of writing.

Customers are still being directed to contact dedicated email addresses with any questions or concerns. Software AG has since confirmed it has evidence of data downloads being made due to a malware attack.

In its first public response the company said: “Today, Software AG has obtained first evidence that data was downloaded from Software AG’s servers and employee notebooks. There are still no indications for services to the customers, including the cloud-based services, being disrupted. The company is refining its operations and internal processes continuously.

“Software AG is further investigating the incident and is doing everything in its power to contain the data leak and to resolve the ongoing disruption of its internal systems, in particular to restart its internal systems as soon as possible which had been shut down for security reasons.”

The Internet of Things (IoT) specialist claims more than 10,000 IT customers including Airbus, Credit Suisse bank, and the German airline Lufthansa. Following initial uncertainty Software AG now says that customer data has not been compromised. The data breach was revealed in an online update and in statements to German financial institutions. The company’s note said the attack had been ongoing since last Monday and had yet to be fully contained.

Commenting on the attack today, Boris Cipot, senior security engineer at Synopsys says, “No individual or organisation, big or small, is safe from cyber-attacks. Ransomware is a common attack type today, whereby an attacker penetrates the victim’s resources and encrypts or downloads the data on it. The victim then needs to pay a ransom in order to receive the decryption key and hope they get their data back and that it has not been downloaded to be misused later on.

Boris Cipot of Synopsys: What’s the impact on the company?

“For individuals, private data, pictures and documents may be affected. For companies, the data held for ransom is likely even more important. Indeed, such attacks can cause government offices to shut down. While in the case of Software AG, it has not brought their whole operations to a standstill, it will be interesting to see what impact the reported breach had on the company and what they did to recover,” Cipot says.

“Ransomware, as any other malware, can spread through different ways. Usually, they come through as scams, such as fake software that promises to do something like remove viruses from your computer; or as phishing emails, that lures the user to install something on their computer. Therefore, be careful when installing or downloading files from the internet. Be careful when someone offers you something for free. As always on the internet – if it sounds too good to be true, then it probably is,” Cipot concludes.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow


9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

Infineon and Rainforest Connection create real-time monitoring system to detect wildfires

Posted on: October 22, 2021

Munich and San Jose, California, 21 October, 2021 – Infineon Technologies AG a provider of semiconductors for mobility, energy efficiency and the IoT, announced a collaboration with Rainforest Connection (RFCx), a non-profit organisation that uses acoustic technology, Big Data and Artificial Intelligence / Machine Learning to save the rainforests and monitor biodiversity.

Read more

Infineon simplifies secure IoT device-to-cloud authentication with CIRRENT Cloud ID service

Posted on: October 21, 2021

Munich, Germany. 21 October 2021 – Infineon Technologies AG launched CIRRENT Cloud ID, a service that automates cloud certificate provisioning and IoT device-to-cloud authentication. The easy-to-use service extends the chain of trust and makes tasks easier and more secure from chip-to-cloud, while lowering companies’ total cost of ownership. Cloud ID is ideal for cloud-connected product companies

Read more