The TTEC Ransomware attack
TTEC, a provider of outsourced customer care and sales assistance to some of the world’s biggest companies, is contending with interruptions caused by a network security issue that came about as a consequence of a ransomware attack.
According to TTEC’s statement, the company has suffered a cyber attack that has impacted several of their TTEC systems. Although some of the company’s data has been encrypted and their business operations have been momentarily interrupted as a consequence of the event, the customer care giant continues to service its worldwide customers.
As per what has been revealed, TTEC has quickly initiated its business continuity procedures for information security incidents, isolating the affected systems and implementing additional countermeasures to handle the issue. The company is currently undertaking a slow and cautious process of repairing the systems that have been affected.
An investigation for evaluation of the impact of the attack has also been initiated. Generally, TTEC claims that it does not retain their customers’ data, and no evidence of compromise to their clients’ data has yet been found. The company intends to not be sharing any more information until their investigation is finished.
An internal message sent to selected employees about the status of a broad system outage that started on Sunday, September 12 was the first hint that TTEC might have been under attack.
The message issued by the company to select workers says, “We’re continuing to resolve the system outage affecting access to the network, applications, and customer support.”
TTEC’s warning message to workers suggests about a possible attack on the company’s systems by the ransomware organization “Ragnar Locker” (or by a rival ransomware gang pretending to be Ragnar). A notice from the IT department warned employees to avoid clicking on a file named “!RA!G!N!A!R!” that might have arrived in their Windows start menu.
Ragnar Locker, a cybercriminal organization that mostly uses ransomware to extort large sums of bitcoin, is known for its ruthlessness. The organization made a frightening threat to expose the entire data of victims who seek assistance from law enforcement and investigative agencies after a ransomware assault, which was announced on the group’s darknet leak site this week.
The scope and severity of the attack on TTEC’s systems is still unclear. However, when such attacks occur, it is normal for businesses to shut down key systems to prevent further infection. The more practical method is to cut all connectivity, since even if the malware stays on the network, at least it cannot distribute to partner networks. Nonetheless, there is some anxiety when considering the continuing TTEC outage because customers who are in need for customer service during the outage may need to suffer extended waiting periods and delay.
TTEC is a company with over 60 000 employees, the majority of which work from home, assisting customers on behalf of well-known organizations such as Bank of America, USAA, Dish Network, Kaiser Permanente, Best Buy and others.