Arizona Beverages knocked offline by ransomware attack

TechCrunch | 4/2/2019 | Staff
madalina09madalina09 (Posted by) Level 4
Click For Photo: https://techcrunch.com/wp-content/uploads/2019/04/arizona.jpg?w=600

Arizona Beverages, one of the largest beverage suppliers in the U.S., is recovering after a massive ransomware attack last month, TechCrunch has learned.

The company, famous for its iced tea beverages, is still rebuilding its network almost two weeks after the attack hit, wiping hundreds of Windows computers and servers and effectively shutting down sales operations for days until incident response was called in, according to a person familiar with the matter.

Servers - Computers - Message - Network

More than 200 servers and networked computers displayed the same message: “Your network was hacked and encrypted.”

Notices posted around the office told staff to hand in their laptops to IT staff. “Do not power on, copy files, or connect to any network,” read the posters. “Your laptop may be compromised.”

Company - Days - Company - Incident - Responders

It took the company another five days before the company brought in incident responders to handle the outbreak, the source said. Many of the back-end servers were running old and outdated Windows operating systems that are no longer supported. Most hadn’t received security patches in years.

The source said they were “surprised” an attack hadn’t come sooner given the age of their systems.

Day - Attack - Hit - Staff - Backup

A day after the attack hit, staff found the backup system wasn’t configured properly and were unable to retrieve the data for days until the company signed an expensive contract to bring in Cisco incident responders. A spokesperson for Cisco did not immediately comment. The company’s IT staff had to effectively rebuild the entire network from scratch. Since the outbreak, the company has spent “hundreds of thousands” on new hardware, software and recovery costs.

“Once the backups didn’t work, they started throwing money at the problem,” the person said.

Ransomware - Infection - Understood - BitPaymer - Screenshot

The ransomware infection, understood to be iEncrypt (known as BitPaymer) per a screenshot seen by TechCrunch, was triggered overnight on March 21, weeks after the FBI contacted Arizona to warn of an apparent...
(Excerpt) Read more at: TechCrunch
Wake Up To Breaking News!
Does it ever seem that life has become one long rerun?
Sign In or Register to comment.

Welcome to Long Room!

Where The World Finds Its News!