The latest from Tietoevery on the ransomware attack earlier this year;
On the night of January 19–20 one of Tietoevry’s data centers in Sweden was partially hit by a ransomware attack. Tietoevry sincerely regrets the challenges this criminal attack has caused to our customers, and to many entities and individuals as consequence.
Tietoevry takes security highly seriously and has actively shared information on the attack, the restoration process and the company’s approach on cybersecurity during the past months. As there has recently been speculation and misinformation circulating in the public, the company would like to provide further context and clarity:
- During the years 2022–2023, Tietoevry has invested in total around EUR 100 million in the development of data centers, cybersecurity and resilient IT infrastructure. The investment decisions in the area of cybersecurity are made primarily within Tietoevry’s five specialized businesses.
- The overall security landscape as well as Tietoevry’s own security operations and developments are regularly reviewed, assessed and followed up by the Group Management.
- Tietoevry has 24/7 operations to ensure service availability and rapid response in case of any disruption. In the case of this ransomware attack, Tietoevry’s monitoring detected the suspicious activity, and Tietoevry’s experts were able to stop the attack during the night and limit its impact.
- The foundation for restoration activities, the new platform, was built within 24 hours of the attack. Tietoevry was able to restore over 90% of the affected servers from backups within four days.
- Further restoration of the services progressed in collaboration with the customers in question. With the exception of efforts continuing with few customers, all other impacted customer services were fully restored by mid-March.
- As earlier communicated, Tietoevry’s analysis concluded the most probable path used by the attacker to gain unauthorized access to the data center. Furthermore, Tietoevry has involved credited third-party security experts also in the analysis.
- Tietoevry has official security policies, including access control and password management, adhering to the latest recommendations in the industry. Tietoevry’s operations are also audited by external parties.
- As an IT service provider, Tietoevry is actively engaged with cybersecurity-centric authorities. In this ransomware attack, the company has shared all findings with relevant authorities throughout the process.
“I see it paramount to emphasize that we take the implications for all our customers affected by this attack extremely seriously, and that we have taken the attack very seriously. We are committed to sharing developments related to it as openly as possible. We now provide this information to exemplify how we, as an IT service provider, are addressing the highly critical area of cybersecurity preparedness. Cybersecurity has become a fundamental enabler of the digital society. Being part of the Nordic society ourselves, we take seriously the responsibility of being in the forefront of digital security – and are committed to continuous improvement,” says Kimmo Alkio, CEO of Tietoevry.
Tietoevry’s previous release on the topic can be found here.
Be the first to comment