Alphabroder Hit By Ransomware – Are You A Target As Well?

Alphabroder Hit By Ransomware

On Monday, Oct. 14, Alphabroder announced that it had been the victim of a ransomware attack. Despite the many security parameters, they had in place, cybercriminals were able to penetrate their systems and install the ransomware.

“No customer data or account information has been compromised or is accessible by this malware,” Alphabroder said in an official statement. According to their Chief Marketing Officer David Clifton, the ransomware attack only affected their ability to process orders.

How Does Ransomware Work?

In a ransomware attack, an unsuspecting user may have clicked on a seemingly safe link or an emailed attachment that appears to be a bill or other official document. Another common method of installing ransomware onto a company computer is when a user checks their personal email via a company web browser and opens an email attachment.

As a result, the attachment may install a malicious software program (malware) onto the computer system that encrypts the data and holds it at ransom. The user is then stuck without access to their data, and potentially faced with paying the attacker a huge sum and dealing with the compliance issues as a result.

What Type Of Ransomware Infected Alphabroder?

Alphabroder was infected with a type of ransomware known as SODINOKIBI, a notoriously difficult to detect malware. According to Malwarebites, this type of ransomware targets all files except those listed in their configuration file, including .jpg, .jpeg, .raw, .tif, .png, .bmp, .3dm, .max, .accdb, .db, .mdb, .dwg, .dxf, .cpp, .cs, .h, ,php, .asp, .rb, .java, .aaf, .aep, .aepx, .plb, .prel, .aet, .ppj, .gif, and .psd.

Alphabroder, as a business with more than $1.5B in annual revenue, one would assume Alphabroder would have appropriate security measures in place to protect against malware. And according to Clifton, they do.

“Unfortunately, it’s a sophisticated malware, and was able to work around those protections,” Clifton told Counselor.

What Does This Mean For You?

The primary lesson here is that if a business as big as Alphabroder can get hit by ransomware, so can you. You MUST assume your defenses will be penetrated and ask what will you do when it happens? Do you have the appropriate contingencies in place to protect you in the event of a ransomware infection?

What Is The Key To Ransomware Response?

In the event that your data is encrypted, the only thing that will save you is a robust data backup following the Backup Rule of 3-2-1.

If you have a data backup solution, then it doesn’t matter if your data has been encrypted. You can just replace it with your backup, simple as that. Time consuming, but very effective.

That’s why you should make an investment in a comprehensive backup data recovery solution so that you can restore your data at a moment’s notice when necessary.

Be sure to:

  • Back up data on a regular basis (at least daily).
  • Inspect/test your backups to verify that they maintain their integrity.
  • Secure your backups and keep them independent from the networks and computers they are backing up – part of the Backup Rule of 3-2-1.

What Is The Key To Ransomware Response?

That said, you shouldn’t just wait to get hit. Implement the following security measures to limit your exposure:

  • Access Controls
    Access controls should be configured so that shared permissions for directories, files and networks are restricted. The default settings should be “read-only” access to essential files, with limited permissions for write access to critical files and directories. Furthermore, only those needing local admin rights are to be provided with that access.
  • Firewall
    A business grade firewall is your first line of defense for keeping your information safe. A firewall is the part of solution that maintains the security of your network. It blocks unauthorized users/applications, and suspicious connections from gaining access to your data networks. Firewalls are deployed via hardware, software, and usually with a combination of the two.
  • Patch Management
    You can’t afford to ignore software update notifications – but depending on your workload, you may have to. That’s where an IT company can help.Software updates are not only to improve the functionality of the software; they also serve as a patch for recently identified vulnerabilities that can be exploited by hackers. Your IT company can handle the management of these updates to make sure that not a single one is ever skipped or delayed.
  • End User Training
    It is very important we have an ongoing training program for our users so they will recognize Cybersecurity treats as they see them and can take the appropriate actions.

Like this article? Check out the following blogs to learn more:

11 Ways You Can Benefit From Assisted IT Services

Managed IT Helps Your Bottom Line: 6 Ways How

5 Ways Managed IT Services Is the Right Choice for Your Business

Contact Info

Stay Connected