NetWalker Ransomware Attacks Cygilant Threat Detection, SOCaaS Provider
Threat detection and cybersecurity company Cygilant has suffered a NetWalker ransomware cyberattack, according to third-party reports. Cygilant, which specializes in Security Operations Center (SOC) as a service, confirmed that it suffered an attack but did not mention the specific ransomware strain or group by name behind the attack.
The ransomware attack represents a timely warning to MSSP (managed security services provider), MSP, SOCaaS and MDR (managed detection and response) companies: Even as you offer and promote cybersecurity services to end-customers, your own networks, infrastructure and systems remain prime targets for cyber criminals.
Cygilant: Ransomware Attack Statement
In a statement to TechCrunch, Cygilant CFO Christina Lattuca said the ransomware attack impacted a portion of the company’s technology environment, though she did not say what portion of the company’s infrastructure was impacted. The statement said:
“Our Cyber Defense and Response Center team took immediate and decisive action to stop the progression of the attack. We are working closely with third-party forensic investigators and law enforcement to understand the full nature and impact of the attack. Cygilant is committed to the ongoing security of our network and to continuously strengthening all aspects of our security program.”
Emsisoft, which has tracked numerous ransomware attacks, named NetWalker as the likely culprit. It’s unclear if Cygilant paid the ransom.
NetWalker, first detected in August 2019, has generated $29 million in extortion since March 2020, ThreatPost reported in August 2020. Victims have included Columbia College of Chicago and the Illinois Public Health District.
Cygilant Business Focus
Cygilant, formerly EiQ Networks, specializes in midmarket SOCaaS, security monitoring, endpoint security, vulnerability management and patch management. The company received $7 million in private equity funding in 2017, backed by Arrowroot Capital.
More recently, Cygilant launched endpoint security in April 2020, and partnered with LogPoint for SIEM and UEBA capabilities in July 2020.