CDPR has already announced that the upcoming big February patch for Cyberpunk 2077 will be pushed back a few weeks due to the attack on the ransomware the company suffered, but it gave no firm reason why. Cynics might have wondered if this delay had something to do with the actual hack itself. Gabe Newell delayed Half-Life 2 once after a hacker stole the source code, only to later admit that he used the hack as an excuse for the delay he had to announce, no matter what.
The good news is that CD Project Red apparently does nothing so cynical. According to Bloomberg, the bad news is that the developers of the company are still locked out of their own workstations due to the attack on the ransomware. CDPR’s VPN (virtual private network) remains inaccessible for more than two weeks after the attack.
CD Projekt Red has refused to pay the ransom’s claims, but has apparently not yet found an alternative solution to the problem. We do not suggest that the company should pay the hackers automatically. If anything, paying off these people could be a viable market to hold the game developer hostage, especially if the attackers can pull it off just before a game assumes gold.
The Bloomberg report also sheds light on the impact the hack had on CDPR’s developers. Staff are advised to freeze all their accounts and report the possibility of identity theft to the relevant authorities, based on the idea that hackers may have had access to this information. In addition, they were asked to send their computers to the company’s IT staff to investigate for possible malware and breaches.
This is not a good sign
This report, if accurate, implies that CD Project Red is worse than it’s. Staff were reportedly told that the attackers “possibly” had access to their personally identifiable information. This, coupled with a bit to submit their own systems, could mean that CDPR has not yet identified the attack vector or the stolen data.
CDPR hack statement.
CDPR’s initial announcement of hacking noted that the company used the services of IT forensic specialists. The vast majority of forensic specialists can also help a business get back online after a security breach like this, including restoring employee access to critical backup systems such as the corporate VPN. If they have not already done so, it poses other problems with the investigation.
Even if CDPR had backups, there is no guarantee that the backups were not encrypted as well. The company’s cover or protected backup, if any, may have been out of date or otherwise incomplete. Ransomware attacks can be difficult to defend without a robust backup strategy. We hope the delay is due to an investigation resistance, not a lack of proper backup. If CDPR is unable to decrypt its volumes, it has no choice but to pay the ransom or resume work of all that it can put together.
Read now: