ProPrivacy’s digital privacy expert, Ray Walsh, has said that the possibility of CD Projekt RED’s ransomware attack being an inside job is “plausible.”
Yesterday, the developer announced that its IT infrastructure had been breached. A note was left behind urging cooperation, failing which the hackers threatened to release confidential documents and source codes of its games, including an unreleased version of The Witcher III: Wild Hunt. CD Projekt RED has refused to comply, and is investigating the attack along with relevant authorities.
“The possibility of an inside job is, of course, plausible,” Walsh told Computer Weekly. “The bad press caused by the early release of Cyberpunk 2077 in a buggy state, as well as reports that CD Projekt blamed its developers for the issues, could well have left a bad taste in somebody’s mouth. We will now have to wait and see exactly what forensic analysis reveals about this hack so that CD Projekt can ascertain exactly what data was affected and what exactly might potentially be at risk.”
Sumo Logic’s vice-president Ian Chidgey added that its vital for video game developers and publishers to secure their software supply chain, especially when “code is their product.” “For games developers and publishers, protecting their operations involves securing game assets and IP alongside the cloud instances and services running the games instances,” he said.
CD Projekt RED claims that its consumer and player data appears to be safe. However, there’s little the company can do to prevent source codes from being dumped and distributed online.
[Source: Computer Weekly]
