[BreachExchange] Spokane company forced to temporarily shut down after ransomware attack hijacks data

Thu Oct 21 09:44:30 EDT 2021

https://www.khq.com/spokane-company-forced-to-temporarily-shut-down-after-ransomware-attack-hijacks-data/article_b21fb9b2-320b-11ec-8897-5b16833e9ab7.html

SPOKANE, Wash - "I don't care how small a business you are; you have to
protect yourself because this can happen to anyone, and it does every day
all around the country," Steve Scharff, the owner of Fluid Design Products,
a manufacturer in Spokane said.

More and more businesses across the United States are experiencing
devastating ransomware attacks. Even the smallest of businesses are not
immune. You might remember nearly two years ago when KHQ was hit by a
ransomware attack and were not the only ones hit in the Spokane area.

It can happen anywhere, at any time, and for one local manufacturing
company it happened overnight. They went in to work on a normal Tuesday
morning to see the words "All of your files are stolen and encrypted" on
every computer screen.

"In the middle of the night they took and encrypted everything on our
servers and so at that point we were completely shut down and then I
started receiving the threatening emails," Scharff said.

According to security analytics expert Cognyte, the number of ransomware
attacks nearly doubled in the first half of 2021, with just under 1,100
organizations impacted.

For Fluid Design Products, it happened on a regular Tuesday last week.

"We knew we had to shut all the doors and the back doors that would've
allowed them to get back into the system," he said.

But once the hackers go in...

"Very very weak passwords," he said.

The company's data was there for the taking.

"People keep payroll information on servers, there were social security
numbers that were taken, names, addresses," he said.

A stranger at your own desk.

"Suddenly now you don't know if you can trust your workstation," he said.

Even though Scharff backed up his data on a drive stored off-site,
everything that was on the desktops wasn't saved to that drive. It does
mean, however, when hackers were asking for money, Scharff didn't have to
pay up or even speak to the attackers.

"We did not give them the satisfaction that they had hit us," he said.

But having to shut down impacts the business anyway, just as we've seen
with the pandemic.

"The reality is it's very expensive for companies," he said. "Doesn't
matter whether you're making lattes at latte stand or selling insurance or
for us manufacturing equipment. You have deadlines, you have customers
waiting for things. You're telling them well I can't do this for you
because all my data is gone."

So, what can you do to protect yourself?

"You can have a really good antivirus, good firewall in your network and
still get ransomware - as these guys have. The best protection you can have
is user training," Dave Gest, the owner of Tech Resource said.

A majority of ransomware attacks start through emails, and if you see an
email that looks a little odd or has an attachment, you should report it to
your IT department or get some outside help before opening it.

Cyber security experts agree, prevention is key when it comes to
cyberattacks, and having a backup drive also helps.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20211021/a6df07c7/attachment.html>