Cybercrime Cyber attack on remote maintenance software provider Teamviewer
Teamviewer is one of the largest providers of remote maintenance software. When this company falls victim to a cyberattack, presumably by state actors, all alarm bells start ringing.
28.06.2024, 11:24
SDA
The German software provider Teamviewer claims to have been the victim of a cyberattack. On Wednesday, Teamviewer's security team detected an "anomaly" in the internal IT environment, the company announced on its website. The defense team was immediately activated and appropriate processes initiated. "Together with globally recognized IT security experts, we immediately began investigations and implemented the necessary protective measures."
Teamviewer is one of the largest providers of remote maintenance software, which is used in companies to dial into employees' screens in order to resolve a service request, among other things. Sensitive information can also be accessed in this way.
Teamviewer emphasized that the company's internal IT environment is completely independent of the product environment. "There is no indication that our product environment or customer data may have been affected. The investigation is ongoing and our primary focus remains on ensuring the integrity of our systems."
The portal Heise.de referred to information from various IT security organizations that the attack was the work of an APT (Advanced Persistant Threat) group. APT groups are usually state actors. For example, an excerpt of a memo from the IT security company NCC Group is circulating on social networks, which mentions a significant compromise by an APT group. This is said to be "Cozy Bear", a group controlled by the Russian secret service SWR.
