Caleb Boma | October 13th, 2021

According to BleepingComputer, Olympus, a leading medical technology company, was forced to take down IT systems in the Americas (U.S., Canada, and Latin America) following a cyberattack that hit its network Sunday, October 10, 2021.

“Upon detection of suspicious activity, we immediately mobilized a specialized response team including forensics experts, and we are currently working with the highest priority to resolve this issue,” Olympus says in a statement published today, two days after the attack.

“As part of the investigation and containment, we have suspended affected systems and have informed the relevant external partners. The current results of our investigation indicate the incident was contained to the Americas with no known impact to other regions.”

The company did not disclose if customer or company data was accessed or stolen during the “potential cybersecurity incident,” but said that it would provide new information regarding the attack as soon as it’s available.

“We are working with appropriate third parties on this situation and will continue to take all necessary measures to serve our customers and business partners in a secure way,” Olympus added. “Protecting our customers and partners and maintaining their trust in us is our highest priority.”

An Olympus spokesperson told BleepingComputer that the company found no evidence of data loss during an ongoing investigation regarding this incident.

This incident follows a ransomware attack that hit Olympus’ EMEA (Europe, Middle East, Africa) IT systems in early September.

Even though Olympus did not share any info on the attackers’ identity, ransom notes found on impacted systems impacted revealed that BlackMatter ransomware operators coordinated the attack.

The same ransom notes also pointed to a Tor website the BlackMatter group used in the past to communicate with their victims.

Although Olympus, once again, did not reveal many details on the nature of the attack that hit its Americas IT systems, ransomware gangs are known for carrying out their attacks during weekends and holidays to delay detection.

The FBI and CISA said in a joint advisory published in August that they “observed an increase in highly impactful ransomware attacks occurring on holidays and weekends—when offices are normally closed—in the United States, as recently as the Fourth of July holiday in 2021.”

Olympus has over 31,000 employees worldwide and more than 100 years of history developing medical, life sciences, and industrial equipment.

The company’s camera, audio recorder, and binocular divisions were transferred to OM Digital Solutions, which has been selling and distributing these products since January 2021.

With the American winter holidays approaching, it’s vital for organizations to bolster their security structure by engaging with experienced security firms. SpearTip’s engineers work 24/7/365 in our Security Operations Centers and continuously monitor your networks, even on holidays and weekends when threat actors are most active.

The ShadowSpear Platform stops malicious attacks by preventing ransomware from executing on machines in your network. Proactive protection is the best way to prevent attacks on your business, so learn more about what SpearTip can offer.

As mentioned above, the July 4th weekend was a huge day for threat actors as they carried out their attacks while most companies relieved employees in observance of the holiday. Threat actors are smart people with access to talent across the globe, so it takes the same level of talent to combat them. Stop cyber threats, today.

If your company is experiencing a breach, call our Security Operations Center at 833.997.7327 to speak directly with an engineer.