Catalin Cimpanu for ZDNet's Zero Day reported: "Demant, one of the world's largest manufacturers of hearing aids, expects to incur losses of up to $95 million following what appears to be a ransomware infection that hit the company at the start of the month. This marks one of the most significant losses caused by a cyber-security incident outside of the NotPetya ransomware outbreak."
DEMANT SECURITY INCIDENT
Demant's troubles began at the start of the month, on September 3, when in a short statement on its website, the company said it was shutting down its entire internal IT infrastructure following what it initially described as "a critical incident." What really happened on the company's network, we'll never know, as Demant never revealed anything except that its "IT infrastructure was hit by cyber-crime."
Per its own statements, all the company's infrastructure was impacted -- and impacted severely. This included the company's ERP system, production and distribution facilities in Poland, production and service sites in Mexico, cochlear implants production sites in France, amplifier production site in Denmark, and its entire Asia-Pacific network.
INCIDENT HAS LONG-LASTING EFFECTS ON DEMANT'S BUSINESS
But while the company's staff have been recovering IT infrastructure, the biggest losses came from the impact of not having access to these systems in the first place. The company reported "delays in the supply of products as well as an impact on our ability to receive orders." Furthermore, "in our hearing aid retail business, many clinics across our network have not been able to service end-users in a regular fashion."
These business upheavals have been a disaster for the company's bottom line. In a message to its investors, Demant said it expects to lose somewhere between $80 million and $95 million. The sum would have been higher, but the company expects to cash in a $14.6 million cyber insurance policy.
The company expects the incident to have a long-lasting effect on its bottom line, proving again why businesses can't ignore their cyber-security posture anymore." Full Story here with more detail where the losses are coming from:
https://www.zdnet.com/article/ransomware-incident-to-cost-danish-company-a-whopping-95-million/
It is not clear yet how the bad guys got into the system, could be an RDP attack, could be phishing, but in any case it makes sense to step your users through new-school security awareness training and create a human firewall as your last line of defense when malware makes it through your email filters.