[BreachExchange] Dunedin company forced to pay hackers after crippling cyberattack

Terrell Byrd terrell.byrd at riskbasedsecurity.com
Thu Nov 18 10:54:34 EST 2021


https://www.nzherald.co.nz/business/dunedin-company-forced-to-pay-hackers-after-crippling-cyberattack/JE6V7NJL6NMYYNUQAPLDARRWI4/


A Dunedin business which paid a ransom after being crippled by a
cyberattack has prompted a warning for companies to take the threat
seriously.

The business, which is not being named for security reasons, was the target
of an attack for two weeks in September.

The attack took out its computer systems, telephone and commercial data.

The business ended up paying the hacker's ransom to restore its system.

The business' initial review suggested the attack was an extraordinary case
of bad luck. It was caught up as collateral damage through another New
Zealand company's internet address, that was associated with the Dunedin
company's IT services, the owner said.

It seemed the highly sophisticated nature of its IT system exposed the
company to greater risks, which resulted in it becoming the target of a
professional offshore hacking group.

The attack had been an ''excellent learning opportunity'' for the business
and it wanted to help others learn from their experience, the business
spokesman said.

The company did not reveal how much it paid the cyberattackers.

Standby Consulting managing director Sam Mulholland said the attack served
as a reminder for businesses to take cybersecurity seriously as attacks
could ''literally ruin'' their company.

Mulholland spoke at a Business South event this week about business
continuity planning especially in the age of cyberattacks.

He has worked with companies in New Zealand and the Middle East, creating
plans for when things went wrong.

"The No.8 wire mentally of 'she'll be right' just doesn't work anymore."

Speaking after the event, Mulholland said cyberattacks were a major threat
to businesses.

Mulholland said he believed small businesses overall were not taking the
threat seriously enough and did not have plans in place for if it happened.

"It is not just the big corporates, the hackers are after anything that
they can get their hands on."

The cyberattack that crippled the Waikato District Health Board in May
should be used as an example of how bad an attack could be.

A continuity plan allowed businesses to know what to do with staff, media,
assets and even the company's brand when an attack happened.

Clear communication with stakeholders was also key, Mulholland said.

Cyberattacks used to be conducted by specific groups, but now it was
conducted by "software as a service", which meant anyone could buy
ransomware that kept working until it found a link into a businesses'
servers.

A police spokesman said it generally did not recommend paying any ransom
demands, despite the temptation to do so.

"Paying ransoms incentivises criminal groups to continue to target New
Zealand victims," they said.

Police asked people to report cybercrime.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20211118/7c05e5c5/attachment.html>


More information about the BreachExchange mailing list