Cognizant has confirmed that a security incident involving its internal systems, and causing service disruptions for some of its clients, is the result of a Maze ransomware attack.
According to its press statement, the New Jersey-based IT giant’s internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident. Cognizant has also engaged with the appropriate law enforcement authorities.
“We are in ongoing communication with our clients and have provided them with Indicators of Compromise and other technical information of a defensive nature,” said Congnizant.
Previously called “ChaCha ransomware”, Maze crypts all files in an infected system, then demands a ransom to recover the files or the victim risks having its information publicly exposed. It uses a variety of ways to gain entry, mainly using exploits kits, remote desktop connections with weak passwords or via email impersonation or via different agencies or companies. Such email messages come with a Word attachment with macros to run the malware in the system.