CD Projekt becomes latest victim of ransomware attack
February 2021 by Simon Mullis, Director of Technical Account Management at Tanium
It was recently confirmed that the Polish games developer, CD Projekt has been the victim of a ransomware attack. This follows a number of previous attacks last year which targeted a number of other companies in the gaming industry. The comment below from Simon Mullis, Director of Technical Account Management at Tanium. Do feel free to use this in any content you publish on this news item.
"CD Projekt is the studio that produced Cyberpunk 2077, one of the biggest and most high-profile releases across all media in 2020. Aside from the "life imitates art" nature of this story - given the subject matter of the game - this attack shows that anyone can be vulnerable to ransomware, even tech savvy organisations.
CD Projekt is a significant enterprise with more than 1000 staff. In companies of this size, there is often a silo between IT operations and security. This division can cut off visibility of what’s going on in a corporate network and leave organisations exposed to disruption, reputation damage and significant financial cost. When organisations encourage collaboration between these two teams, they are more likely to achieve the high level of IT hygiene that’s needed to achieve a good level of defence against ransomware attacks.
"Most security issues are caused by either basic hygiene issue that could and should have been identified and fixed with the correct level of visibility and control or they are caused by simple human error. Protecting an organisation from the impact of any attack - including ransomware - comes down to ensuring security defences are up to date and appropriately configured and making sure employee behaviour is driven towards best practices as much as is possible. Is everything patched? Are security tools up to date? Is there complete visibility of all endpoints within your perimeter? Now that everyone is working from home, can you apply the same visibility and protection to all of your employees, whatever their location? These are the important questions to be able to answer."