Cyberpunk 2077 Patch Delayed Because CDPR Employees Can’t Use Their PCs
CDPR has already announced that its upcoming major February patch for Cyberpunk 2077 would be pushed back some weeks as a result of the ransomware attack the company has suffered, but it didn’t give a firm reason why. Cynics might have wondered if this delay had anything to do with the actual hack itself. Gabe Newell once delayed Half-Life 2 by a year after a hacker stole source code, only to later admit he’d used the hack as an excuse for the delay he was going to have to announce no matter what.
The good news is, CD Projekt Red doesn’t appear to be doing anything quite that cynical. The bad news, according to Bloomberg, is that the company’s developers are still locked out of their own workstations due to the ransomware attack. CDPR’s VPN (virtual private network) remains inaccessible more than two weeks after the attack.
CD Projekt Red has refused to pay the ransomer’s demands, but it apparently hasn’t found an alternative solution to its problem. We’re not suggesting that the company should automatically pay the hackers. If anything, paying these people off might demonstrate a viable market for holding game developer’s hostage, especially if the attackers could pull it off just before a game is supposed to go gold.
The Bloomberg report also sheds light on what effect the hack has had on CDPR’s developers. Staffers have been advised to freeze all of their accounts and report the potential for identity theft to the relevant authorities, based on the idea that hackers may have had access to this information. In addition, they were asked to send their computers to the company’s IT staff to be scanned for potential malware and security breaches.
This Is Not a Good Sign
This report, if accurate, implies CD Projekt Red is in worse shape than it is letting on. Staffers were reportedly told the attackers “may” have accessed their personally identifying information. This, combined with the bit about sending in their own systems, could mean CDPR hasn’t yet identified the attack vector or the exact data stolen.
CDPR’s initial hack announcement noted that the company had engaged the services of IT forensic specialists. The vast majority of forensic specialists can also help a company get back online after a security breach like this one, including restoring employee access to critical backend systems like the corporate VPN. If they don’t have it up and running yet, this implies some other difficulty with the investigation.
Even if CDPR had backups, there’s no guarantee those backups weren’t also encrypted. The company’s offsite or protected backups, if any exist, may have been old or otherwise incomplete. Ransomware attacks can be notoriously difficult to defend against without a robust backup strategy. Here’s hoping the delay is due to an investigative hold-up, not a lack of proper backups. If CDPR is unable to decrypt its volumes, it’ll have no choice but to pay the ransom or restart work from whatever it can cobble together.
Continue reading
Cyberpunked 2077: CDPR ‘Apologizes’ For Releasing Broken Game, Offers Refunds
Cyberpunk 2077's PS4 and Xbox One S version is so bad, the company is now offering refunds. We recommend last-gen console gamers take them up on it, rather than waiting.
CD Projekt Red Denies Any Plan to Offer Refunds for Cyberpunk 2077
Turns out, CD Projekt Red didn't actually mean for you to think you could get a refund for Cyberpunk 2077.
Sony Pulls Cyberpunk 2077 and Offers Refunds; CDPR Misled Investors in October
Sony has announced that it will pull Cyberpunk 2077 from the PlayStation Store and award refunds to anyone who wants them. Meanwhile, events of the past week have proved CD Projekt Red misled investors as to the state of the game when it announced the last three-week delay in October 2020.
CDPR Apologizes for Cyberpunk 2077 Launch, but Explains Very Little
CD Projekt Red has apologized for the state of Cyberpunk 2077 on last-gen consoles at launch, but it's explanation of what happened and why is scanty at best.