Page 8 - GS210101
P. 8


        TSYS unfazed by ransomeware attack                      ransomware attack involving systems that support certain
                                                                corporate back office functions of a legacy TSYS merchant
              heard that payment card processing giant TSYS     business,” TSYS said in a statement. “We immediately con-
              was hit by a ransomware attack and that the theives   tained the suspicious activity and the business is operat-
              made off with tons of data and published some of   ing normally. ... Transaction processing is conducted on
        I it online. How could such a sophisticated company     separate systems, has continued without interruption and
        like TSYS, an industry leader, get tricked into this kind of   no card data was impacted. We regret any inconvenience
        situation. Also, did the company pay a ransom to get data   this issue may have caused. This matter is immaterial to
        access back?                                            the company.”
                                               Dav Mulroney
                                  Merchant Level Salesperson    So, it looks like TSYS structured its networks to limit the
        Dav,                                                    potential impact of bad actors. The processor also acted
                                                                swiftly to contain potential damage. TSYS did not state
        Thank you for your inquiry. You are correct: TSYS is a top   whether it paid ransom, but the Krebs on Security website,
        third-party payment processor in North America in addi-  reported that Conti typically only publishes data from vic-
        tion to being a major processor in Europe. On Dec. 8, 2020,   tims that refuse to negotiate a ransom payment.
        cybercriminal group Conti, which employs Ryuk ran-
        someware, published 10 gigabytes of data that it claimed   This is a good reminder that we all need to structure net-
        to have removed from TSYS' networks. Ryuk is often used   works  for  minimal  potential  impact  by  cybercriminals,
        to target financial institutions.                       render stolen data useless to thieves, and educate all net-
                                                                work users on how to prevent being a victimized by crimi-
        Unfortunately, it takes duping only one person using a   nals eager to do harm.
        network to gain access and insert malware, so even the
        most sophisticated organizations can be preyed upon by   Want to sound off?
        clever cybercriminals.  Fraudsters asserted  they  gained   What issues are on your mind as we embark upon a
        data pertaining to prepaid cards from TSYS. However, ac-  new year? What questions do you have? Let us know at
        cording to the company, this is not true. “We experienced a
   3   4   5   6   7   8   9   10   11   12   13