Ransomware Attacks Equinix; Data Centers and Managed Services Not Impacted

Equinix ($EQIX) is investigating a ransomware attack that hit the data center giant’s internal systems, though the malware did not impact Equinix’s data centers, managed services and customer-facing operations, the company says.

The bigger issue may involve stolen data. Netwalker ransomware threat actors are demanding Equinix pay $4.5 million for a decryptor and to prevent the release of stolen data, Bleeping Computer reports.

Ransomware Attack Details

Equinix disclosed the ransomware attack on September 9, and vowed to offer additional updates if or when there is new information to share. According to the complete September 9 Equinix statement:

“Equinix is currently investigating a security incident we detected that involves ransomware on some of our internal systems. Our teams took immediate and decisive action to address the incident, notified law enforcement and are continuing to investigateOur data centers and our service offerings, including managed services, remain fully operational, and the incident has not affected our ability to support our customers. Note that as most customers operate their own equipment within Equinix data centers, this incident has had no impact on their operations or the data on their equipment at Equinix. The security of the data in our systems is always a top priority and we intend to take all necessary actions, as appropriate, based on the results of our investigation.

We will update this blog post as appropriate.”

Despite the BleepingComputer report, Equinix did not disclose what type of ransomware hit the data center provider, nor did the company reveal which internal systems were hit.

Equinix is one of the world’s largest data center providers. In its Q2 of of 2020, revenue was $1.47 billion — up 6 percent from the corresponding quarter last year.

How Ransomware, Malware Targets Service Providers

Data center providers and MSPs remain prime targets for ransomware attacks, since their systems often host or interconnect to numerous end-customer systems. Many of the attacks involve stealthy approaches that hide from anti-virus tools, Huntress Labs recently reported.

The U.S. Secret Service has warned IT service providers and consulting firms about ongoing cyberattacks. The warning indicated that threat actors are increasingly targeting point-of-sale (POS) systems and performing business email compromise (BEC) and ransomware attacks.

Recent MSP and IT consulting ransomware attack victims include:





Return Home



    Jim Balasubramanian:

    I am surprised that a company like Equinix would get hit. I would think they would have strict policies and controls in place to prevent such an occurrence. Having backups are no longer a viable option if threat actors are in the system for months before acting. Email SPAM/Phishing filters, segregated networks, principles of least privilege access control, and maybe even using a thin client infrastructure with no USB ports are the way to go IMHO.

    Joe Panettieri:

    Hey Jim: Thanks for your note and readership. I think it’s safe to say all companies & organizations with data are now targets for ransomware attacks. Also, we offer a tip sheet for MSPs to mitigate ransomware attack risks. We’re not privy to what went wrong inside Equinix, but we continue to track the company for updates.


Leave a Reply

Your email address will not be published.