Japanese conglomerate Panasonic Corp. has been hit by a cyberattack at its Canadian operations, less that six months after it was previously hit by a data breach.
The company confirmed the attack to TechCrunch, saying that it was a victim of a “targeted cybersecurity attack” in February that affected some of its systems, processes and networks. Panasonic said that recovery included identifying the scope of the impact, containing the malware, cleaning and restoring services, rebuilding applications and communicating with customers and authorities.
Panasonic did not disclose whether data was stolen or what form of hacking was involved in the attack.
VX-underground, a malware research group, said on Twitter that the Contri ransomware group had claimed responsibility for the attack.
Conti is a prolific ransomware gang with a long list of victims. Conti victims include Ireland’s health service, Advantech Co. Ltd., voice-over-internet-protocol hardware and software maker Sangoma Technologies Corp., hospitals in Florida and Texas, Tesla Inc. and Apple Inc. supplier Delta Electronics Inc. in January and kitchenware maker Meyer Corp. U.S. in February.
While typically only making headlines for its ransomware attacks, Conti itself was the center of attention in March when an unknown member of the gang leaked internal documentation after the gang came out in support of Russia’s invasion of Ukraine.
The Conti leaks started in late February in the days following the Russian invasion, with the leaker making it very clear that they were doing so in support of Ukraine. Leaked files included chat logs, infrastructure and the economics of how the gang operates. Notably, some of the correspondence shows that Conti has links to the Kremlin and the Russian government.
“Panasonic being hit twice by data breaches in less than six months reinforces the notion that data is now a currency that not only drives companies but hackers too,” Amit Shaked, chief executive officer and co-founder of public cloud data protection company Laminar Ltd., told SiliconANGLE. “The sheer amount of sensitive data now available in the cloud is staggering and only increasing.”
Shaked explained that there is a problem with most security teams having no idea where their sensitive data is in the cloud and that “you can’t protect what you don’t see.”
“To safeguard against a majority of today’s data breaches, organizations must have complete data observability and adopt a data-centric approach to security,” Shaked added. “Doing so helps security teams understand where an organization’s most sensitive data is, whether or not it has proper controls in place and if it is being monitored or not.”
Danny Lopez, chief executive officer of detection-based security firm Glasswall Solutions Ltd., noted that “even if all procedures and policies are well-executed, then there’s no escaping the fact that adversaries are constantly looking to probe vulnerabilities and to insert malware into the environment, often using everyday business documents which we all use.”