Axis Issues Response to Cyber Attack on Internal Directory Services

LUND, Sweden — Axis Communications has released a post mortem following a cyber attack it suffered Feb. 19-20.

According to the company, the attackers were able to sign in as a user by employing several combinations of social engineering, despite protective mechanisms such as multifactor authentication.

Once inside, the attackers used advanced methods to elevate their access and eventually gain access to directory services. No servers were found to be encrypted, but the company did find malware and indications that internal directory services were compromised.

No customer information was found to be affected in any way and Axis says  in total, it found limited signs of damaging consequences “aside of the general embarrassment and productivity loss.”

Axis’ threat detection systems alerted incident staff of unusual, suspicious behavior, and investigations early Sunday morning. IT management decided to bring in external security experts and eventually it was confirmed that hackers were active inside Axis networks.

The company then decided to disconnect all external connectivity immediately as a way of cutting the intruders off. This resulted in a loss of external services for Axis staff, such as in- and outbound email. Partner services were also affected with axis.com and extranets being unavailable.

As of Feb. 27, most external facing services have said to have been restored with some still awaiting security clearance. Regarding Internet facing services, Axis currently operates in a restricted mode.

It says this will continue as long as the forensic investigation is ongoing and until the cleaning and restoration is completed. Restricted mode mainly affects the company’s internal work streams and has very limited effect on customers and partners. Axis says it expects the final parts of its customer facing services to be completely available within a few days.

The company adds that technical security mechanisms have been raised in general across the board to limit the risk of any similar future event and it will provide more information if its “ongoing investigation uncovers events of further relevance.”

You can read the full release here.

The post Axis Issues Response to Cyber Attack on Internal Directory Services appeared first on Security Sales & Integration.



from News Archives - Security Sales & Integration https://www.securitysales.com/emerging-tech/cybersecurity-tech/axis-cyber-attack-internal-services/
via IFTTT

Comments

Popular posts from this blog

Total Tech Summit Puts Call Out for Top Integrators to Apply Now

Evolv Technology, Pittsburgh Pirates Team Up for Fan-Friendly Ballpark Security

Minnesota AG Calls for Cancellation of Home Security Contracts for Alleged Fraud