Skip to content

Cyber attack on remote maintenance software provider Teamviewer

Teamviewer is one of the largest providers of remote maintenance software. When this company falls victim to a cyber attack, presumably by state actors, all alarm bells start ringing.

The logo of the software manufacturer Teamviewer is displayed at the headquarters.
The logo of the software manufacturer Teamviewer is displayed at the headquarters.

Software - Cyber attack on remote maintenance software provider Teamviewer

The German software provider Teamviewer has, according to its own statements, become a victim of a cyberattack. On a Wednesday, the security team of Teamviewer detected an "anomaly" in the internal IT environment, as reported on the TecDax website. The defense team was immediately activated and appropriate processes were initiated. "Together with globally recognized IT security experts, we have immediately begun investigations and implemented necessary protective measures."

Teamviewer is one of the largest providers of remote maintenance software, which is used in companies, among other things, to access the screens of employees to resolve a service request. Via this channel, one can also access sensitive information. Teamviewer emphasized that the internal IT environment of the company is completely independent of the product environment. "There are no indications that our product environment or customer data have been affected. The investigations are ongoing, and our main focus remains on ensuring the integrity of our systems."

The Heise.de portal referred to information from various IT security organizations' environments, according to which the attack targeted the account of an APT group (Advanced Persistent Threat). Behind APT groups are usually state actors. In social networks, an extract from a memo of the IT security company NCC Group circulates, in which a significant compromise by an APT group is mentioned. According to this, it should be about "Cozy Bear≥, a group controlled by the Russian intelligence service SVR. The Kremlin hackers are also suspected of attacking several German parties with malware."

Teamviewer-Statement Report Heise.de

  1. The cyberattack on Teamviewer, a renowned software provider based in Göppingen, Germany, part of Baden-Württemberg, was detected on a Wednesday within their internal Telecommunications system.
  2. Subsequent to the detection of an anomaly, the company swiftly activated their defense team and initiated appropriate processes to mitigate the issue.
  3. Teamviewer plays a significant role in the Telecommunications sector, providing remote maintenance Software used by numerous companies, including accessing employee screens for service requests, potentially exposing sensitive information.
  4. Despite the cyberattack, the company reassured its users that their internal IT environment remains separate from the product environment and no indications suggest product environment or customer data were affected.
  5. Investigations into the cyberattack continued, and the company acknowledged collaboration with globally recognized IT security experts to implement protective measures.
  6. Speculation about the cyberattack hinted at involvement of an Advanced Persistent Threat (APT) group, with some sources pointing to Cozy Bear≥, a group linked to the Russian intelligence service SVR, as the culprit.
  7. Cyberattacks and cyber espionage, falling under the broader category of Crime, pose significant threats to companies worldwide, demanding constant vigilance and response strategies.

Read also:

Comments

Latest

Grave accusations levied against JVA staff members in Bavaria

Grave accusations levied against JVA staff members in Bavaria

Grave accusations levied against JVA staff members in Bavaria The Augsburg District Attorney's Office is currently investigating several staff members of the Augsburg-Gablingen prison (JVA) on allegations of severe prisoner mistreatment. The focus of the investigation is on claims of bodily harm in the workplace. It's

Members Public