A recent cyberattack on Australian beverage manufacturer Lion demonstrates how even a modicum of precaution after an attack can spell doom for operations.
Earlier this month, it was reported that Lion suffered a cyberattack that resulted in every IT system being shut down. While no details were provided at the time, it was later revealed that a second attack occurred. Despite initial efforts to beef up security on systems during the remediation efforts of the first attack, the second attack resulted in data being stolen along with a ransom demand that included the threat of publishing or auctioning off Lion’s stolen data.
According to another report, the attack was identified as using REvil ransomware, with the cybercriminal group extorting Lion to pay a ransom of $800,000. We’ve said before that all ransomware attacks must be treated as data breaches – even if there’s no initial evidence of a breach.
The Lion attack seems to be the “new normal” when it comes to ransomware attacks with many ransomware operators getting on the extortion bandwagon looking to ensure they receive payment.
Lion’s story isn’t unique; in fact, it represented everything you should expect moving forward.
So, organizations can no longer simply rely on backups to address the issue of encrypted data; instead a proactive security stance needs to be propped up that includes Security Awareness Training to prevent ransomware attacks from happening in the first place.