IT services major has become a victim of the 'Maze' ransomware attack amid the ongoing Covid-19 crisis which has caused disruptions in operations for some of its clients.



The Teaneck, New Jersey-based IT firm said it is in constant touch with its clients and has provided them with indicators of compromise (IOCs) and other technical information of a defensive nature.



" can confirm that a security incident involving our internal systems, and causing service disruptions for some of our clients, is the result of a Maze ransomware attack," the company said in a statement. The company’s internal security teams, supplemented by leading cyber defense firms, are actively taking steps to contain this incident, added.



The anonymous hackers behind Maze have made headlines in recent months for publicly holding their victims hostage by threatening to leak company information if the target doesn’t pay the ransom.



In January this year, the Federal Bureau of Investigation issued a warning to US about the Maze's tactics.



Interestingly, hackers linked to Maze have denied involvement in the attack on Cognizant, though industry experts said it could have been the handiwork of some of the anonymous hackers.



"The reported Maze ransomware on Cognizant is worrisome, as Maze is not like any typical ransomware. Other than encrypting the data, it is able to spread across a network, infecting and encrypting every computer in its path, and it can also exfiltrate the data to the attackers," said Saket Modi, CEO of Lucideus, an enterprise cybersecurity platforms company.



“Though the Maze operators have denied the attack, it has still been categorised as Maze because the listed IOCs included IP addresses of servers and file hashes, which are known to be used in previous attacks by the Maze ransomware actors,” he added.





At a time, when more than 90 per cent of employees of IT services firms globally are working from home, such an attack indicates a worrying trend. While there has been a significant rise in phishing attacks in the guise of Covid-19 themed websites, the ransomware attack seems to be the most severe form of such attempts at this point of time.



According to experts, cyber threats are a regular phenomenon for IT services firms globally which have developed robust security measures to thwart such attempt. For instance, Wipro was a victim of a phishing attack in April last year, which the company thwarted swiftly.