Equinix ($EQIX) is investigating a ransomware attack that hit the data center giant's internal systems, though the malware did not impact Equinix's data centers, managed services and customer-facing operations, the company says.
The bigger issue may involve stolen data. Netwalker ransomware threat actors are demanding Equinix pay $4.5 million for a decryptor and to prevent the release of stolen data, Bleeping Computer reports.
Ransomware Attack Details
Equinix disclosed the ransomware attack on September 9, and vowed to offer additional updates if or when there is new information to share. According to the complete September 9 Equinix statement:
"Equinix is currently investigating a security incident we detected that involves ransomware on some of our internal systems. Our teams took immediate and decisive action to address the incident, notified law enforcement and are continuing to investigate. Our data centers and our service offerings, including managed services, remain fully operational, and the incident has not affected our ability to support our customers. Note that as most customers operate their own equipment within Equinix data centers, this incident has had no impact on their operations or the data on their equipment at Equinix. The security of the data in our systems is always a top priority and we intend to take all necessary actions, as appropriate, based on the results of our investigation.
We will update this blog post as appropriate."
Despite the BleepingComputer report, Equinix did not disclose what type of ransomware hit the data center provider, nor did the company reveal which internal systems were hit.
Equinix is one of the world's largest data center providers. In its Q2 of of 2020, revenue was $1.47 billion -- up 6 percent from the corresponding quarter last year.
How Ransomware, Malware Targets Service Providers
Data center providers and MSPs remain prime targets for ransomware attacks, since their systems often host or interconnect to numerous end-customer systems. Many of the attacks involve stealthy approaches that hide from anti-virus tools, Huntress Labs recently reported.
The U.S. Secret Service has warned IT service providers and consulting firms about ongoing cyberattacks. The warning indicated that threat actors are increasingly targeting point-of-sale (POS) systems and performing business email compromise (BEC) and ransomware attacks.
Recent MSP and IT consulting ransomware attack victims include:
- Cognizant, which suffered $50 million to $70 million in lost revenue related to the attack.
- xChanging, a DXC Technology subsidiary.
- Collabera, an IT staffing firm;
- Orange Business Services, a major telecom service provider and Top 200 MSSP; and
- Telecom SA, the largest telecom company in Argentina.
