Cyberpunk 2077 Patch Delayed Because CDPR Employees Can’t Use Their PCs
CDPR has already announced that its upcoming major February patch for Cyberpunk 2077 would be pushed back some weeks as a result of the ransomware attack the company has suffered, but it didn’t give a firm reason why. Cynics might have wondered if this delay had anything to do with the actual hack itself. Gabe Newell once delayed Half-Life 2 by a year after a hacker stole source code, only to later admit he’d used the hack as an excuse for the delay he was going to have to announce no matter what.
The good news is, CD Projekt Red doesn’t appear to be doing anything quite that cynical. The bad news, according to Bloomberg, is that the company’s developers are still locked out of their own workstations due to the ransomware attack. CDPR’s VPN (virtual private network) remains inaccessible more than two weeks after the attack.
CD Projekt Red has refused to pay the ransomer’s demands, but it apparently hasn’t found an alternative solution to its problem. We’re not suggesting that the company should automatically pay the hackers. If anything, paying these people off might demonstrate a viable market for holding game developer’s hostage, especially if the attackers could pull it off just before a game is supposed to go gold.
The Bloomberg report also sheds light on what effect the hack has had on CDPR’s developers. Staffers have been advised to freeze all of their accounts and report the potential for identity theft to the relevant authorities, based on the idea that hackers may have had access to this information. In addition, they were asked to send their computers to the company’s IT staff to be scanned for potential malware and security breaches.
This Is Not a Good Sign
This report, if accurate, implies CD Projekt Red is in worse shape than it is letting on. Staffers were reportedly told the attackers “may” have accessed their personally identifying information. This, combined with the bit about sending in their own systems, could mean CDPR hasn’t yet identified the attack vector or the exact data stolen.
CDPR’s initial hack announcement noted that the company had engaged the services of IT forensic specialists. The vast majority of forensic specialists can also help a company get back online after a security breach like this one, including restoring employee access to critical backend systems like the corporate VPN. If they don’t have it up and running yet, this implies some other difficulty with the investigation.
Even if CDPR had backups, there’s no guarantee those backups weren’t also encrypted. The company’s offsite or protected backups, if any exist, may have been old or otherwise incomplete. Ransomware attacks can be notoriously difficult to defend against without a robust backup strategy. Here’s hoping the delay is due to an investigative hold-up, not a lack of proper backups. If CDPR is unable to decrypt its volumes, it’ll have no choice but to pay the ransom or restart work from whatever it can cobble together.