Axis Communications has published a post mortem about a cyberattack that caused severe disruption in their systems, with some systems still partially offline.
The Swedish manufacturer of network cameras, access control systems, and surveillance network appliances suffered a cyberattack on Sunday, February 20, 2021, forcing it to shut down all systems to limit the impact.
Axis is a subsidiary of Canon that has an annual operating income of over $1.235 billion (2019 data), accommodating customers’ needs in a wide range of industries.
As such, taking down all external-facing services inevitably affected customers and partners, albeit limited, according to the vendor.
Mostly a business interruption
In the days following the network intrusion, the firm engaged with third-party experts to investigate the incident and gradually re-introduce critical services to its clients.
Yesterday, this investigation was completed, and the following results were reported:
No servers have been found to be encrypted, but we found malware and indications that internal directory services were compromised. No customer information has been found to be affected in any way. In total, we find limited signs of damaging consequences aside from the general embarrassment and productivity loss as we clear services for production step by step.
At this time, OS and application upgrades are still facing outages, while the Camera Station licensing system is also unavailable.
Based on the investigation findings, the network intruders used social engineering to take over an employee’s account and enter the system without raising any alarms.
Axis underlines they have now implemented additional mechanisms to reduce the chances of a human error having a significant impact on its security stance.
No software flaws this time
While Axis Communications declares embarrassment from this incident, no software-level flaws were involved in the network breach.
In October 2021, Nozomi Networks published the details of three vulnerabilities affecting Axis OS that impacted the entire product line of the Swedish firm.
Being a cybersecurity-focused company, Axis patched the flaws via a security update released within a week from their discovery.
As such, the fact that OS updates are temporarily out shouldn’t be an issue if you have applied Axis OS updates after October 2021.