Capcom, known for its design of popular video games announced that it suffered a possible ransomware attack on November 2nd. The attack caused disruptions to some of the company’s systems, such as email and file servers. The company claims that there has been no indication of customer data being affected and online gameplay is also still available. Capcom has notified the authorities and launched an investigation of their own to try to gain some more answers. If this attack turns out to be ransomware, it will be the second time this year the company was hit with a cyber-attack associated with ransomware. In August, Capcom was affected by Trickbot, which usually leads to either Ryuk or Conti ransomware.
While the attack method is unknown at this time, it is likely more information will be released as Capcom continues their investigation. Although the company likely had security controls in place and may have increased security monitoring after the Trickbot incident in August, this shows that attackers are always advancing that tactics in an attempt to avoid security controls. Binary Defense suggests combining an up to date reputable anti-virus software with an Endpoint Detection and Response solution (EDR) as a part of a defense-in-depth strategy. Skilled analysts in a Security Operations Center (SOC) staffed in-house or through a partnership with a managed security provider such as Binary Defense will be able to monitor endpoints on companies’ systems for signs of intrusion on a 24/7 365 basis and alert the security teams at those companies. This will either stop attacks before they begin or stop them early enough to keep the damage to a minimum, saving money and protecting data.