IT Service Synoptek Suffered Ransomware Attack

The ending of 2019 also brought trouble for a number of businesses in terms of cybersecurity. Before the year-end, another ransomware attack affected IT service provider Synoptek.

Synoptek Faced Cyber Attack

Reportedly, the California-based cloud management and IT service provider Synoptek has fallen prey to a cyber attack. The firm that serves over a thousand customers suffered a cyber attack around Christmas time. Consequently, it caused disruption in various operations.

The news about Synoptek service disruptions surfaced online after people began discussing it on Reddit.  However, the firm only confirmed the security incident in a tweet on December 27, 2019. That time too, they merely called it a “credential compromise” which they contained.

As revealed, the incident took place on December 23, 2019, two days before Christmas.

In a subsequent update tweet, they merely mentioned contacting the customers affected by the incident. They did not reveal any technical details about what the incident was, how it happened, and the extent of the attack.

Nonetheless, the government officials more promptly reached the customers in this regard. The State of California and the U.S. Department of Homeland Security alerted the users about the Synoptek cyber attack.

Sodinokibi Ransomware Involvement Suspected

According to Brian Krebs, Synoptek became a victim of a ransomware attack. As per the company sources, Synoptek suffered a Sodinokibi or rEvil infection, a new malware actively targeting the business community.

Even on Reddit, various users confirmed the incident as a ransomware attack. Some of them also fell victim to the ransomware.

Krebs also disclosed the payment of ransom. According to the sources, Synoptek paid the asked ransom to receive decryption keys.

Sources also say the company paid their extortionists an unverified sum in exchange for decryption keys.

Earlier, Sodinokibi also affected a dental backup firm PerCSoft. Though, it remained unclear whether the company paid the ransom to recover the data or not since they merely mentioned about contacting some software company for data recovery.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients