Cyber attack on remote maintenance software provider Teamviewer
The German software provider Teamviewer has, according to its own statements, become a victim of a cyberattack. On Wednesday, the security team of Teamviewer detected an "anomaly" in the internal IT environment, as reported on the TecDax website.
Immediately, the defense team was activated and appropriate processes were initiated. "Together with globally recognized IT security experts, we have begun immediate investigations and implemented necessary protective measures."
Teamviewer is one of the largest providers of remote maintenance software, which is used in companies, among other things, to log into the screens of employees to resolve a service request. Through this channel, one can also access sensitive information.
Teamviewer emphasized that the internal IT environment of the company is completely independent of the product environment. "There is no indication that our product environment or customer data have been affected. The investigations are continuing, and our main focus remains on ensuring the integrity of our systems."
The Heise.de portal referred to information from the environment of various IT security organizations, according to which the attack targeted the account of an APT group (Advanced Persistent Threat). Behind APT groups are usually state actors. It is said to be about "Cozy Bear>", a group controlled by the Russian intelligence service SWR.
The remote maintenance software provider, Teamviewer, is collaborating with renowned IT security experts to investigate the origin and extent of the cyberattack. Despite the secret service's reports linking the attack to a Russian APT group "Cozy Bear" controlled by the Russian intelligence service SWR, Teamviewer assures that their product environment and customer data remain unaffected.