Toshiba announced, on Friday (14), that one of its units suffered a cyber attack by the DarkSide group. The company said that a minimal amount of work data was lost.
DarkSide is the group that probably attacked the Colonial Pipeline, one of the largest and most important pipeline systems in the United States. In both cases, cybercriminals used ransomware, a type of malware that blocks the victim’s access to system files and makes them a kind of “hostage”, as criminals charge money (usually in bitcoin) for access be restored.
In the case of the Japanese conglomerate, the crime affected a unit of the company located in Europe that manufactures barcode printers. The trend is valued at about US $ 2.3 billion (about R $ 12 billion at the current price).
“There are about 30 groups within DarkSide who are trying to hack companies all the time and this time they were successful with Toshiba,” explained Takashi Yoshikawa, senior malware analyst at Mitsui Bussan Secure Directions, a Japanese digital security company, in an interview to Reuters.
According to Yoshikawa, the home office model is leaving many businesses vulnerable to attacks like these. He argued that using corporate computers at home does not bring the same security as using machines in offices.
Although Toshiba says little was lost in the attack, the cybersecurity company provided screenshots showing that more than 740 GB of information was compromised. In the middle of this amount of data is various personal information.
The attack suffered by Toshiba came precisely at a delicate moment for the company. In recent years, the giant has suffered from tax scandals and mass layoffs. Because of this, shareholders are pushing for executives to look for potential buyers.
An offer of about US $ 20 billion (about R $ 105 billion) from CVC Capital has already been denied this year. Strategy reviews to find other stakeholders are still underway.