Axis Communications has published details about a cyberattack that caused major damage to its systems, some of which still remain offline.
The Swedish manufacturer of network video cameras and access control and surveillance systems Axis Communications was subjected to a cyber attack on February 20 this year and was forced to turn off all its systems to reduce its impact. The shutdown of all external services affected the company’s customers and partners, albeit in a limited number.
After the hacking, Axis Communications turned to third-party experts for help in conducting an investigation and restoring services. Now the investigation has already been completed, and the company has presented the following results:
During the attack, not a single server was encrypted, but malware and signs of hacking of the internal directory were detected on them;
The incident did not affect user information in any way;
Limited signs of the destructive impact of the cyberattack were found, in addition to inconveniences for customers and partners and reduced productivity.
Currently, OS and application updates are still not working, the Camera Station licensing system is also unavailable.
As the investigation showed, the attackers used social engineering methods to take over the account of one of the employees and log in without arousing suspicion. No vulnerabilities in the software were exploited in the attack.
In order to reduce the risks of the human factor, the company has implemented additional security mechanisms.