DarkSide ransomware: now Toshiba attacked

A unit of Toshiba Corporation has become the latest high profile target of a ransomware attack by DarkSide, the group the FBI has blamed for the Colonial Pipeline attack.

Toshiba Tec Corporation, which makes point-of-sale systems and copiers, said only a minimal amount of work data had been lost.

The attack further underlines the seriousness of the cyber risk faced by business, with ransomware demands now a depressingly frequent occurrence for vulnerable corporates.

The Toshiba attack comes in the same week that Colonial Pipeline was also the subject of a concerted ransomware attack.

The FBI has attributed the cyberattack to DarkSide, a group believed to be based in Russia or Eastern Europe. Its ransomware targets computers that do not use keyboards in the languages of former Soviet republics, cyber experts said.

The pipeline shutdown has reduce fuel availability in the near term, pushing up prices and forcing refiners to cut production because they had no way to ship the gas. The pipeline operations have since been restored.

The incident is being regarded as one of the most disruptive digital ransom operations ever reported and has prompted calls from American lawmakers to tighten protections for critical US energy infrastructure against hackers.

Indeed, according to a note by rating agency AM Best, the ransomware attack on US energy firm Colonial Pipeline has thrown the $2.7 billion US cyber insurance segment back into the headlines:

“Premiums for standalone cyber policies grew more than 28% in 2020, reflecting price increases and a move by the insurance industry to get more clarity on their cyber underwriting factors, including limits, deductibles, and terms and conditions of the policies, to reduce risks related to silent cyber.”

“The higher rate of growth for standalone policies also indicates organizations’ escalating concerns about cyber risk and their strategic choice to purchase policies solely for cyber risk protection. Packaged policies still appear to be the preferred way to market to small and medium-sized enterprises, which do not have the staffing or sophistication to analyze cyber risk on a stand-alone basis and prefer to bundle cyber policies with their other liability policies.”

Separately, The Asahi newspaper reported on Friday (14 May) that Bain Capital is not considering buying Toshiba, citing an interview with Yuji Sugimoto, the Japan head for Bain Capital.

Toshiba on Friday forecast a hefty 63% rise in annual operating profit to 170 billion yen ($1.6 billion) after pandemic-induced pain in the last year and as restructuring measures bear fruit.

For the year just ended, Toshiba posted a 20% slide in operating profit to 104.4 billion yen.