CDPR has already announced that its upcoming major February patch for Cyberpunk 2077 would be pushed back some weeks as a result of the ransomware attack the company has suffered, but it didn’t give a firm reason why. Cynics might have wondered if this delay had anything to do with the actual hack itself. Gabe Newell once delayed Half-Life 2 by a year after a hacker stole source code, only to later admit he’d used the hack as an excuse for the delay he was going to have to announce no matter what.
The good news is, CD Projekt Red doesn’t appear to be doing anything quite that cynical. The bad news, according to Bloomberg, is that the company’s developers are still locked out of their own workstations due to the ransomware attack. CDPR’s VPN (virtual private network) remains inaccessible more than two weeks after the attack.
CD Projekt Red has refused to pay the ransomer’s demands, but it apparently hasn’t found an alternative solution to its problem. We’re not suggesting that the company should automatically pay the hackers. If anything, paying these people off might demonstrate a viable market for holding game developer’s hostage, especially if the attackers could pull it off just before a game is supposed to go gold.
The Bloomberg report also sheds light on what effect the hack has had on CDPR’s developers. Staffers have been advised to freeze all of their accounts and report the potential for identity theft to the relevant authorities, based on the idea that hackers may have had access to this information. In addition, they were asked to send their computers to the company’s IT staff to be scanned for potential malware and security breaches.
This Is Not a Good Sign
This report, if accurate, implies CD Projekt Red is in worse shape than it is letting on. Staffers were reportedly told the attackers “may” have accessed their personally identifying information. This, combined with the bit about sending in their own systems, could mean CDPR hasn’t yet identified the attack vector or the exact data stolen.
CDPR’s initial hack announcement noted that the company had engaged the services of IT forensic specialists. The vast majority of forensic specialists can also help a company get back online after a security breach like this one, including restoring employee access to critical backend systems like the corporate VPN. If they don’t have it up and running yet, this implies some other difficulty with the investigation.
Even if CDPR had backups, there’s no guarantee those backups weren’t also encrypted. The company’s offsite or protected backups, if any exist, may have been old or otherwise incomplete. Ransomware attacks can be notoriously difficult to defend against without a robust backup strategy. Here’s hoping the delay is due to an investigative hold-up, not a lack of proper backups. If CDPR is unable to decrypt its volumes, it’ll have no choice but to pay the ransom or restart work from whatever it can cobble together.
NASA: Asteroid Could Still Hit Earth in 2068
This skyscraper-sized asteroid might still hit Earth in 2068, according to a new analysis from the University of Hawaii and NASA’s Jet Propulsion Laboratory.
MSI’s Nvidia RTX 3070 Gaming X Trio Review: 2080 Ti Performance, Pascal Pricing
Nvidia's new RTX 3070 is a fabulous GPU at a good price, and the MSI RTX 3070 Gaming X Trio shows it off well.
Best Games for Laptops and Low-End PCs in 2020
Just because you've got an older or low-end PC doesn't mean you can't enjoy gaming. There are thousands of back titles in the PC catalog. Here are some of our favorites.
Nvidia: RTX 3000 GPUs Will Remain Hard to Find Into 2021
There's no hope for a near-term improvement in RTX 3000 GPU availability. Shortages will likely continue through the end of this year and into the beginning of 2021.