The colossus in photographic genres Olympus, said yesterday that it is investigating a possible cyber security incident affecting its European computer network, as well as the Middle East and Africa.
According to the announcement of the company Olympus, as soon as they detected the suspicious activity, they mobilized the cyber security team and are trying to solve the problem. As part of the investigation, they report that they have suspended the transfer of data to the affected systems and have informed the relevant external partners.
However, information from a person within the company who is aware of the incident, says that Olympus "Recovers" from an attack ransomware which began in the early hours of September 8th. He goes on to say that there is a ransom note left by the criminals on the infected computers, which apparently comes from the group ransomware BlackMatter.
The ransom note also includes a web address on a site accessible only through the Tor Browser known to be used by the team BlackMatter to communicate with its victims.
Η BlackMatter is a ransomware-as-a service group, which was founded as the successor of several groups ransomware, including DarkSide, which recently ceased operations after high profile ransomware attack on Colonial Pipeline, as well as REvil, which has been silent for months after the Kaseya attack that flooded hundreds of companies with ransomware. Both attacks caught the attention of the US government, which promised to take action, so that no critical infrastructure is hit again.
Her usual tactic BlackMatter, but also other groups ransomware, usually steal data from a company's network before encrypting it and later threaten to post the files online if the decryption ransom is not paid.
Η Olympus based in Japan, now manufactures optical and digital reproduction technology for the medical industry. Until recently, the company manufactured digital cameras and other electronics, until it sold the camera piece in January 2021.