One of the largest drinks suppliers Arizona Beverages is restoring their operations caused by a massive ransomware attack that shut down operations of the Sales department, Tech Crunch informs. The company’s IT specialists and hired experts are still working at the recovery of the company’s back-end servers that were victimized by iEnscrypt ransomware and there is no information about financial loses.
The recovery operations started a week after the iEnscrypt attack when it was discovered that due to outdated and security unpatched Windows servers and failed recovery attempts. The biggest beverages supplier in the US hired Cisco response team services to cope with the incident that caused millions of dollars loses only in sales and spent hundreds of thousands on security updating including software and hardware.
Cisco security experts believe that the current iEnscrypt infection is an aftereffect of another malware that has been compromising the company’s infrastructure for months. Dridex malware usually comes with infected email attachments that provide hackers with access to the victim’s systems and make stealing credentials as well as payload installation possible and since 2017 it targets big market fish.
Targeted attack disrupted core operations of local governments making the officials satisfy the attackers’ requirements. Enterprise malware is all the rage and causes dreadful damages making use not only of companies’ outdated hardware but also poor security awareness.
Encrypting ransomware communicates with its C&C server reporting about the progress and getting the commands, leverage your SIEM tool with Ransomware Hunter rule pack to spot the sighs of attack and prevent infecting your company’s system.