Sopra Steria: Ryuk Attack May Cost Us $60m

French IT services giant Sopra Steria has admitted a ransomware attack on its systems last month is likely to cost the company tens of millions of dollars.

The Paris-headquartered firm, which is a supplier to the UK’s NHS, was hit by a new variant of the infamous Ryuk family, forcing systems offline.

In an update yesterday, the firm claimed that the attack would negatively impact its gross operating margin by between €40m ($48m) and €50m ($60m), although €30m will be covered by cyber insurance.

The serious financial impact is due to the extensive remediation and “differing levels of unavailability” of various systems since the attack, it said.

This is despite the company claiming it was able to “rapidly” block the attack on discovery.

“The measures implemented immediately made it possible to contain the virus to only a limited part of the group’s infrastructure and to protect its customers and partners,” it said.

The firm claimed it had not identified any leaked data or damage to customer systems. The slow pace of restoring systems would seem to indicate that it decided not to pay the ransom.

“The secure remediation plan launched on October 26 is nearly complete,” it continued. “Access has progressively been restored to workstations, R&D and production servers, and in-house tools and applications. Customer connections have also been gradually restored.”

The attack is expected to push Sopra Steria’s organic growth for 2020 into negative territory, by between -4.5% and -5%, it said.

This is yet another cautionary tale of the destructive power of human-operated ransomware. It ranks alongside aluminium giant Norsk Hydro ($41m) and IT services firm Cognizant (up to $70m) as one of the most serious from a financial perspective.
