The IT company employs 24,000 people globally and experienced technical issues for at least 25 customers in retail, service, and manufacturing industries. A ransomware attack is the cause for business disruption to their customers who have waited out their recovery efforts.

At this point in time, the company says no personal information has been exfiltrated or accessed. TietoEVRY issued a statement, “TietoEVRY takes this incident very seriously, and apologizes for the inconvenience this causes to our customers.”

No ransomware group has claimed responsibility for this attack yet, and it still in the early stages of investigation. TietoEVRY is not releasing more information until they find out more about the attack.

Although, TietoEVRY claims no information has been stolen, the business disruption caused is what organizations should look to in this situation. Even if threat actors do not exfiltrate information, organizations can still take a brutal hit by losing the ability to provide for their customers when internal systems and services are forced offline and operations are halted.

Another notable aspect of this attack is the fact TietoEVERY is a Managed Security Service Provider (MSSP) and is directly connected to global clients. Threat actors look to attack MSPs because they know their services connect them to many different victims. Instead of attacking one organization, they can attack many at once. This is why MSPs have been continually targeted recently.

To avoid business disruption entirely, engage with SpearTip’s certified, technical experts. They are stationed in our Security Operations Center at every moment of the day and are able to respond to intrusions and incidents at a moment’s notice.

In addition to the engineers monitoring your networks, our deployable ShadowSpear® Platform provides clients with a lens focused on threats and the overall health of their network. ShadowSpear® was comprised with the thought of being able to fit into any size organization or industry. The three specifically tailored modules all serve a purpose in protecting your business.

Identify has cloud SIEM capabilities and provides custom dashboards, queries, and filters in one place for easy viewing.

Neutralize equips organizations with next-gen antivirus and a Security Operations Center waiting to respond to threats. It instantly prevents advanced malware and exploitation techniques on deployment.

Counter gives our Security Operations Center the ability to react to threats with one of the quickest response times in the industry. Counter also collects forensic artifacts, executes response scripts and isolates hosts, which is a surefire way to combat criminal adversaries.

SpearTip’s cyber experts continuously monitor environments 24/7 in our US based Security Operations Center. Our certified engineers work in unison with our proprietary endpoint detection and response tool, ShadowSpear®. This allows your organization to have a direct communication with our engineers at any moment and a completely transparent view of your risk profile.

If you are experiencing a breach, please call our Security Operations Center at 833.997.7327.