The first security measure was to disconnect all services from the Internet to isolate the infrastructure and reduce the impact of this cyber attack, and there is a data backup, IT service provider certSIGN, part of the ICU group. Two days after attackers encrypted some of the company’s data, certSign says its remote electronic signature services are back up and running.
The most important update is that as of today, remote e-signature services have become functional again, certSIGN representatives informed HotNews.ro on Thursday.
The company says on its website that the Paperless vToken program is also back in action
How did the malware get into the certSIGN network and what reward are the attackers asking for?
The company still has no answers to these questions posed by HotNews.ro two days ago.
- “On the morning of October 17, 2023, we recorded an incident that consisted of a cyber attack. The security team acted immediately and effectively following the incident response procedure. We have collected data and are analyzing the incident. I had no contact with the attackers.” company representatives say.
The IT service provider notes that “the data is backed up” and states what remedial measures it has taken.
- “The first security measure was to disconnect all services from the Internet to isolate the infrastructure and mitigate the effects of this attack, which is the first step in the protocol for responding to such cyber attacks.” – says the company.
What external IT systems of the company were affected besides Ghiseul.ro and SEAP?
Given that the President of Romania’s Digitization Authority (ADR) clarified to HotNews.ro how it indirectly affected some public services on Ghișeul.ro and the Electronic Public Procurement System, we asked certSIGN what other IT systems outside the company were affected by this cyberattack.
This is especially true given that certSIGN says it has developed the largest digital certificate distribution network at national level through partnerships with important banks such as CEC Bank, BRD Groupe Societe Generale, Raiffeisen Bank, Alpha Bank, OTP Bank and Banca Românească.
- “Systems that used Certificate Revocation Lists (CRLs) to verify certificates were affected. This was the first service we brought back online.
- Systems using remote electronic signature services that are currently in operation are also affected.
- Much of our customer service has been restored and we are working to restore all services as soon as possible.
- We prioritized restoring access to the company’s main internal services and focused on restoring the services provided to customers.” certSIGN representatives also clarified.
As a reminder, certSIGN, an electronic signature service provider that is part of the UTI group, became the target of a ransomware-type cyberattack on Tuesday, which had a significant impact on part of the company’s internal and external IT systems, as well as on web domains. The malware behind the attack encrypted some electronic data stored on the corporation’s network so that it could not be used.
- Read more: Ransomware-type cyber attack on IT provider certSIGN / Public services from Ghișeul.ro and SEAP were indirectly affected / What services were restored
Photo source: Dreamstime.com
Source: Hot News
Lori Barajas is an accomplished journalist, known for her insightful and thought-provoking writing on economy. She currently works as a writer at 247 news reel. With a passion for understanding the economy, Lori’s writing delves deep into the financial issues that matter most, providing readers with a unique perspective on current events.