Konica Minolta Hit By Ransomware, No Impact To All Covered

Konica Minolta joins fellow print victims Xerox and Canon as ransomware actors increasingly target enterprise companies in 2020.

Ransomware continues to bedevil massive enterprises as Konica Minolta acknowledged it was recently struck, joining a list of high profile companies and at least one other printer that has been hit this year.

In a statement to CRN, Konica Minolta said the attack had “no impact” on the company’s MSP business, All Covered.

“No impact to All Covered nor was any Konica Minolta data accessed or impacted,” the company said in a statement to CRN.

Konica Minolta joins fellow printer and copier makers Xerox, which has also been hit with ransomware, as well as Canon, which was disclosed on Aug. 6 that it was hit by ransomware.

Xerox was hit by the Maze variant in July. That group, which runs a site that publishes the data of its victims, uploaded several gigs of Xerox data earlier this month.

Canon said it has installed EDR tools on devices “across its network” to fortify its systems in responce.

“Like other large companies attacked by groups that use ransomware, Canon USA implemented its response protocols to restore and safeguard its systems,” the company said in a statement. “Canon USA installed an endpoint threat detection and response tool on devices across its network to support the investigation of this incident and provide an enhanced ability to detect and prevent incidents.”

The attack on Konica Minolta was first reported by Bleeping Cool News, which said the incident happened at the end of July. At the time, the attack knocked out a customer support site. Later, Konica Minolta customers began seeing the error message “Service Notification Failure” on their devices.

On reddit customers complained that they could not submit tickets to Konica Minolta and some said it was impossible to download device drivers.

According to a source that leaked the information to Bleeping Cool, Konica Minolta was ransomed by a new variant called RansomEXX.

The attackers left a readme.txt file that permitted the company to send one file that they would decrypt for free, but said it would cost to access the remainder of the data. The attackers warned the company not to contact police.

In addition to printer, copier, and device manufacturing, Konica Minolta also operates All Covered, the national MSP that serves SMB customers.

Earlier this week, that unit acquired cybersecurity company Depth Security, which it plans to add to All Covered’s MSP offering.

Depth Security is expected to help All Covered build market share as part of its security portfolio, “specifically in the penetration testing segment,” which the company estimates will “grow 14.9% CAGR by 2025.”

“Continuing to invest in our security offering has become increasingly critical to help customers protect their data,” Rick Taylor, President and CEO, Konica Minolta said in a statement. “Adding Depth Security’s expertise to All Covered’s arsenal will accelerate our ability to keep clients’ data safe so they can focus on maintaining profitability as we continue to guide them on the path to digital transformation.”

Depth Security was founded in 2006. It specializes in providing visibility into threats to business infrastructure and operations, as well as network and application penetration testing and adversary emulation.

It also offers a suite of securtiy solutions, including network access control, endpoint protection, endpoint application control, EDR, among “next generation” firewall, threat emulation and extraction, and mobile threat prevention.

In 2018, All Covered also bought cybersecurity company VioPoint to shore up its customers networks.