Arizona Beverages Attacked by Ransomware Due to Alleged Outdated IT Infrastructure

Arizona Beverages, a massive beverage supplier based in New York, is recovering from a massive ransomware attack in March 2019.

More than 200 servers and workstations displayed the message “Your network is hacked and encrypted”, along with a targeted note with the company’s name.

IT told staff to hand in their laptops and to not power them on, copy files, or connect to any network.  As it turns out, the business has been using old and outdated Windows operating systems that hadn’t seen security patches in years.

While it’s not publicly known how this attack exactly started, the FBI did contact Arizona Beverages to warn of an apparent Dridex malware infection which is typically delivered through a malicious email attachment.

On top of all this, IT staff discovered the backup system wasn’t configured or tested properly.

Once it was known that the backups didn’t work, Arizona Beverages engaged Cisco’s Incident Response Team and started throwing money at the problem. The company’s IT staff had to effectively rebuild the entire infrastructure from scratch and spend hundreds of thousands on new hardware, in addition to Cisco’s fees.

What are the lessoned learned for Arizona businesses?

• Understand your business’s IT must be actively managed, maintained, and secured by a trusted IT provider. The consequences of using outdated systems are expensive and devastating to your business. Could you afford to replace all your IT equipment + pay an incident response team to recover your data?
• Your IT provider must provide you with a rock solid backup and disaster recovery solution that is tested constantly. For PK Tech, we manually test all of our clients’ backups weekly to confirm files restore and the data is readable.
• A penny wise, pound foolish mentality toward IT spending will typically end with a sudden IT spending explosion to catch up. Arizona Beverages was apparently using outdated Microsoft operating systems in a production environment. We’re assuming IT was treated as an expense and not an investment. In their case, the result was days of downtime, lost revenue and productivity, as well as having to spend tons of cash to pay for a total rebuild and data recovery.
• With a proper budget, IT enables your business to generate revenue reliably and to even differentiate yourself from your competition. Treating IT as an expense to be minimized will result in corners being cut and unnecessary short and long term risk to your business.

Please reach out to us if you’re worried your IT environment is outdated and at risk for attack and want a second set of eyes.

Source: https://techcrunch.com/2019/04/02/arizona-beverages-ransomware/

About PK Tech