Canon U.S.A. hit by ransomware attack

Canon U.S.A. Inc., one of Long Island’s largest employers, suffered a cyberattack that knocked out some computer systems, a company spokeswoman confirmed Friday.

“Access to some Canon systems is currently unavailable as a result of a ransomware security incident we recently discovered,” said Christine C. Sedlacek, a senior director and general manager of corporate communications. “We immediately implemented our response protocols and began an investigation.”

The primary website for the camera and office machine giant’s U.S. operations, usa.canon.com, was inoperable Friday afternoon. Users were directed to the Canadian division’s site, canoncanada.custhelp.com/app/home.

Sedlacek said Canon has hired cybersecurity experts “who have worked with other companies that have had similar issues…We have been working nonstop to restore systems quickly, securely and appropriately. Some systems have already been restored."

Canon U.S.A. is responsible for the Americas business of its parent, Canon Inc. in Tokyo. Sedlacek said Friday the Japanese company wasn’t impacted by the cyberattack.

Canon U.S.A.'s Melville office, which cost $500 million to construct along the LIE’s South Service Road in Melville, is home to about 1,500 employees.

Canon is among a growing list of companies, municipalities and hospitals to be targeted by computer hackers who lock down entire computer networks and demand ransom to let users back into their systems.

Nearly 205,300 organizations suffered ransomware attacks in 2019, a 41% increase from a year earlier, according to Emsisoft, a New Zealand provider of security software.

Victims paid hackers $178,254, on average, in April-June to regain access to their computer systems, according to the security firm Coveware Inc. in Westport, Connecticut. That’s up 60% from earlier this year. Ransom payments have climbed steadily since 2018.

Coveware, in its quarterly report on ransomware, said the coronavirus pandemic caused more employees to work from home and increased employers’ vulnerability to cyberattacks.

The April-June period “marked the mass exodus of many employees from their workplaces to the home, increasing remote desktop protocol usage by 41% and expanding the attack surface area for threat actors to explore,” the security firm said.

Sedlacek didn’t immediately respond to questions about whether the hacker demanded a ransom and how Canon reacted.

Sixteen days is the average amount of time a business' operations are disrupted by a ransomware attack, according to Coveware.

By James T. Madore

james.madore@newsday.comJamesTMadore

James T. Madore writes about Long Island business news including the economy, development, and the relationship between government and business. He previously served as Albany bureau chief.