Not only health care providers, organizations that provide health care technology also become vulnerable to cyberattacks. Medical technology provider Olympus admitted that it had sustained a malware attack lately that impacted some of its sales and manufacturing networks in EMEA (Europe, Middle East, and Africa) regions.
As per official updates (1 & 2), the company temporarily suspended the operations of the affected systems and reported the issue to law enforcement and forensic authorities for further investigation. Olympus also clarified that its regular business operations are unaffected amid cyberattacks.
“Upon detection of suspicious activity, we immediately mobilized a specialized response team including forensics experts, and we are currently working with the highest priority to resolve this issue. As part of the investigation, we have suspended data transfers in the affected systems and have informed the relevant external partners. We have reported the incident to the relevant government authorities. We will continue to take all necessary measures to serve our customers and business partners securely,” Olympus said.
While the threat actors behind the attack are unknown, the investigation claims no evidence of loss, unauthorized use, or disclosure of any data so far. Besides, there is no sign that the cybersecurity incident affected any systems outside of the EMEA region.
While Olympus claims it is a malware attack, several security experts believe it to be a ransomware attack by the BlackMatter group. It is suspected that the BlackMatter ransomware group compromised and infected Olympus network systems. Attackers also left a ransom note demanding for ransom to recover the encrypted files.
BlackMatter is relatively a new ransomware-as-a-service group (Raas) that emerged recently in the cyberthreat landscape. It is suspected that BlackMatter is a successor of the infamous DarkSide ransomware group that went underground after the attack on Colonial Pipeline. Security experts claim that BlackMatter has capabilities similar to DarkSide, REvil, and LockBit ransomware operators.