Tietoevry is one of these firms MBAs use to dismantle the it-department and outsorce it to.<p>I've always thought these centralized point of failures are a bad idea.
Seen people speculate online that everything in AS25473 and AS34950 is affected, and that unpatched Ivanti Endpoint Manager Mobile could be the entry point <a href="https://www.shodan.io/host/193.8.33.135" rel="nofollow">https://www.shodan.io/host/193.8.33.135</a><p>Not sure how credible that is? I don't understand how that could take down the whole data center.
BleepingComputer's coverage[1] has this tidbit:<p>> BleepingComputer has been told that the Akira ransomware operation is behind the attack on Tietoevry, coming soon after the Finnish government warned about their ongoing attacks against companies in the country.<p>> "The incidents were particularly related to weakly secured Cisco VPN implementations or their unpatched vulnerabilities. Recovery is usually hard," warned the Finnish NCSC.<p>I wonder what the entrypoint was back in 2021 when they were attacked around the same time?<p>[1]: <a href="https://www.bleepingcomputer.com/news/security/tietoevry-ransomware-attack-causes-outages-for-swedish-firms-cities/amp/" rel="nofollow">https://www.bleepingcomputer.com/news/security/tietoevry-ran...</a>