Sopra Steria hit by cyberattack
Reports claim IT services firm has been infected with Ryuk ransomware
Sopra Steria has raised the alarm that it has been hit by a cyberattack, with reports claiming that it has fallen victim to Ryuk ransomware.
The French firm released a statement on Wednesday night revealing that its IT network was hit by a cyberattack on 20 October.
It did not provide further information, but claimed that it has taken security measures to contain the threat.
The full statement reads: "A cyberattack has been detected on Sopra Steria's IT network on the evening of 20th October. Security measures have been implemented in order to contain risks.
"The Group's teams are working hard for a return to normal as quickly as possible and every effort has been made to ensure business continuity.
"Sopra Steria is in close contact with its customers and partners, as well as the competent authorities."
With revenues of €4.4bn and 46,000 staff the French IT giant has a close partnership with the NHS in the UK through a joint venture called NSH Shared Business Services. Sopra Steria provides accounting, procurement, payroll and managed IT to NSH organisations through the partnership.
French media has reported that Sopra Steria was attacked with Ryuk, a type of ransomware used to coordinate targeted attacks on enterprises that is capable of encrypting hundreds of PCs, storage and datacentres according to research by Check Point.
Only last month, private healthcare giant Universal Health Services, was hit by a Ryuk attack that crippled its IT systems across around 250 facilities in the US.
Reports also suggest that Sopra Steria's Active Directory infrastructure has been affected as a result of the breach.
In a blog post, cybersecurity commentator Graham Cluley said that it's particularly alarming that Sopra Steria, a firm which claims to specialise in cybersecurity, has fallen victim to an attack.
"Naturally Sopra Steria's corporate clients, some of whom rely upon the firm to operate their core business processes and IT systems, will be concerned and will have plenty of questions regarding the nature of the attack," he said.
"Although it might be easy for those unaffected to be bemused by the irony of a company like Sopra Steria being hit by ransomware, it's really a reminder that any organisation could potentially fall victim to a determined attack.
"All companies, big and small, need to be on their guard and put defences in place to reduce the chances of becoming the next victim."
Channel Partner Insight contacted Sopra Steria for an update, but was told there are no further details to share for the time being.