As ransomware gangs continue to target large organizations, and in the wake of several high-profile companies, this latest news demonstrates how effective and impactful cybergangs are.
Brazil’s meat producer suffered a ransomware attack earlier this week, disrupting meat production in North America and Australia. According to a statement issued by the FBI, the ransomware attack originated in Russia and is attributed to REvil ransomware – one of the major players in the RWaaS market.
The attack was discovered Sunday and the meat processing company took “immediate action, suspending all affected systems, notifying authorities, and activating the company's global network of IT professionals and third-party experts to resolve the situation”, according to a released statement.
As with any cyberattack on supply chains, logistics and transportation that keep societies moving, the potential for major disruption is huge. No details have been released around ransom demands, but it appears that the company affected is taking steps quickly to get operations back online.
REvil is one of the RWaaS creators that takes advantage of exfiltrating data to establish the double extortion”, as well as now offers a service to call victims contractors and the media as part of the “triple extortion” method.
REvil’s attack methods have historically included exploiting known vulnerabilities and phishing (which still remains the most used initial attack vector). Vulnerability assessments, patching, and Security Awareness Training should be a part of attempting to prevent ransomware attacks (REvil or otherwise).
While we wait and see what the worldwide impact is from the recent attack, use this news as your sign that it’s time to improve your security stance to keep this type of attack from happening to your organization.