Ransomware, Content, Europe

Software AG: Clop Ransomware Attack Recovery Update

Software AG is striving to recover from a Clop ransomware attack that has knocked out the company's help desk and internal communications, the German software company has disclosed. Here's a timeline of the Software AG ransomware attack and recovery details.

Saturday, October 3: Clop breached Software AG's internal network. The hackers demanded roughly $20 million to provide the decryption key, multiple reports say.

Monday, October 5: Software AG disclosed a malware attack -- though the disclosure didn't specifically mention Clop ransomware. The attack impacted help desk services and internal communication the company. At the time, Software AG believed customer information was not accessed by the malware attack -- but that belief ultimately was wrong.

Thursday, October 8: Software AG disclosed that the malware has not been fully contained. Also, the software company discovered evidence that data was downloaded from Software AG's servers and employee notebooks.

Software AG: Clop Ransomware Attack Recovery Efforts

Software AG has not disclosed if the company has hired forensic consultants or MSSPs (managed security services providers) to investigate the attack and assist the data recovery efforts.

Software AG, founded in 1979, has more than 5,000 employees who support more than 10,000 customers across more than 70 countries, according to a company fact sheet. The enterprise-focused company likely is the second largest software provider in Germany (behind SAP).

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.