Ransomware news for this day


A ransomware attack on Arizona Beverages last month is said to have had a major impact on production at the largest US-based beverage supplier. According to a source familiar with the incident, the malware wiped out hundreds of Windows PCs and hit sales operations for two weeks.

Cybersecurity Insiders has learned that the iEncrypt ransomware affected more than 200 linked servers and computers, all of which displayed the same message: “Your network has been encrypted”.

Two weeks after the attack, Arizona Beverages is said to have only half recovered from the incident, as the IT staff and sales department are said to have shut down all automated operations for two weeks.

An IT staff member at the beverage maker revealed that all the staff of the company have submitted their laptops to IT for clean-up. Those who haven't have been sent an email telling them not to power on their laptops, copy files, or connect to any network until the device has been cleaned up.

The bad news is that the backup systems weren’t sophisticated enough and did not back up the data properly. So Cisco incident responders have been pressed into service to help the company recover from the incident.

In the second piece of ransomware news, 3 large chemical companies based in Norway and the US are said to have fallen prey to LockerGoga ransomware attacks. It is said that the malware spreaders somehow found their way into the networks, accessed the files, and encrypted them, which eventually disrupted the companies' operations.

First, aluminum producer Norsk Hydro became a victim of the malware, and two days later it was the turn of 2 US-based companies, Momentive and Hexion, both owned by public equity company Apollo Global Management.

Those investigating report that the attack could be the work of state-funded actors. However, at this stage it is hard to conclude anything about the incident, as the investigation is still going on.

The third incident is a disheartening one to report: a small Michigan medical practice plans to permanently shut down its service as it could not pay a ransom to free up its customer data.

Yes, you read that right! A 2-doctor practice is said to have lost all its patient records, billing modules, and other critical data to the ransomware. Rather than restoring the data from backups or paying money in exchange for the decryption key, the small healthcare services provider decided to close down its services.

According to a news source from West Michigan, hackers demanded $6500 as ransom to free up the data of the Brookside ENT and Hearing Center. After thinking it through from all angles, the healthcare services provider chose to shut down, which is not advisable either under the prevailing HIPAA laws.

More details will be updated shortly.