The opening of a seemingly benign email from a coworker by an unsuspecting employee set in motion an attack that brought operations to a halt and resulted in some costly remediation. The Arrigo Automotive Group in West Palm Beach, FL became the latest victim of a ransomware attack that crippled most of the computers across Arrigo’s five dealerships.
Rather than pay the ransom, Arrigo’s IT team chose to involve the FBI, purchase 250 new computers, and leverage external security response experts to help identify what happened and properly remediate the attack. Estimates put the remediation at close to half a million dollars.
According to Brad Holton, CEO of Proton Technologies – the group working with Arrigo to respond to and remediate the attack, organizations need to leverage Security Awareness Training to educate employees on what to look for when malicious emails make it past security solutions to the user’s Inbox. Holton also recommends regular phishing tests to gain valuable feedback on which employees still present a risk to the organization by clicking on mock-malicious links and attachments.
This cautionary tale of a simple ransomware attack is just one of countless thousands. The methods used and outcomes achieved are nothing special. So, it stands to reason that if organizations today follow the simple steps outlined, the likelihood of this happening in your company diminishes significantly.
Automotive News has the full story: https://www.autonews.com/dealers/dealerships-targeted-ransomware
Here's how it works:
