Tietoevry: conclusions on the ransomware attack
As earlier communicated, one of Tietoevry’s datacenters in Sweden was subject to a ransomware attack during the night of January 19-20. 2024. Tietoevry’s monitoring detected the suspicious and unusual activity and Tietoevry was able to stop the attack, limiting its impact to one platform. However, the attack unfortunately impacted several Tietoevry’s customers’ services across industries and has thus been visible in the Swedish society in many ways. Tietoevry sincerely regrets the challenges this criminal attack has caused to our customers, and to many entities and individuals as consequence.
Tietoevry initiated the restoration of affected customer services with the highest priority and was able to restore majority of the affected servers in a systematic manner during the first days after the attack, enabling several customers to have their services operational from this stage. However, due to relatively many customer-specific solutions within the affected platform, there have been varying degrees of impact and consequently varying recovery processes. With the exception of efforts continuing with few customers, all other impacted customer services were fully restored by mid-March.
Tietoevry has high attention on its security posture at all times and the company has taken this attack extremely seriously. Tietoevry’s security experts started to assess the potential attack vectors immediately, including a large-scale data analysis. Our analysis concluded the most probable path used by the attacker to gain unauthorized access to the datacenter. For reliability, Tietoevry has engaged credited third-party security experts in the analysis.
Acknowledging the evolving technology and threat landscape, Tietoevry Tech Services has consistently over the years invested in the development of its infrastructure, including the datacenters, and this focus continues systematically. As immediate action from the ransomware attack, Tietoevry has intensified the surveillance of its infrastructure.
“We as Tietoevry take seriously the responsibility of being in the forefront of digital security. Continuous improvement is vital as cybersecurity has become a fundamental enabler of the digital society. This dependency calls for new era of resilience, and for it to be realized, most important is to bring cybersecurity to the core of businesses’ strategic agenda. We are committed to continuing to develop our capabilities across all our operations – to the benefit of our customers and the society”, states Kimmo Alkio, CEO of Tietoevry.
In light of Tietoevry’s role as a service provider, the criminal nature of the attack and for security reasons, Tietoevry cannot publicly share technical details of the attack. Tietoevry has maintained an active dialogue with the authorities since the attack took place and has shared the findings with them. Tietoevry is at all times committed to respecting contractual obligations and customer confidentiality, thus the company cannot share customer-specific information regarding this case.
Tietoevry’s previous press release (6 March, 2024) on the topic can be found here
####
Tietoevry creates purposeful technology that reinvents the world for good. We are a leading technology company with a strong Nordic heritage and global capabilities. Based on our core values of openness, trust and diversity, we work with our customers to develop digital futures where businesses, societies, and humanity thrive.
Our 24 000 experts globally specialize in cloud, data, and software, serving thousands of enterprise and public-sector customers in more than 90 countries. Tietoevry’s annual turnover is approximately EUR 3 billion and the company’s shares are listed on the NASDAQ exchange in Helsinki and Stockholm, as well as on Oslo Børs. www.tietoevry.com
( Press Release Image: https://photos.webwire.com/prmedia/6/320924/320924-1.png )
WebWireID320924
This news content was configured by WebWire editorial staff. Linking is permitted.
News Release Distribution and Press Release Distribution Services Provided by WebWire.