Arizona Beverages knocked offline by ransomware attack

[InfoSec News <alerts () infosecnews org>]

https://techcrunch.com/2019/04/02/arizona-beverages-ransomware/

By Zack Whittaker
Techcrunch.com
April 2, 2019

Arizona Beverages, one of the largest beverage suppliers in the U.S., is 
recovering after a massive ransomware attack last month, TechCrunch has 
learned.

The company, famous for its iced tea beverages, is still rebuilding its network 
almost two weeks after the attack hit, wiping hundreds of Windows computers and 
servers and effectively shutting down sales operations for days until incident 
response was called in, according to a person familiar with the matter.

More than 200 servers and networked computers displayed the same message: "Your 
network was hacked and encrypted." The company’s name was in the ransom note, 
indicating a targeted attack.

Notices posted around the office told staff to hand in their laptops to IT 
staff. "Do not power on, copy files, or connect to any network," read the 
posters. "Your laptop may be compromised."

It took the company another five days before the company brought in incident 
responders to handle the outbreak, the source said. Many of the back-end 
servers were running old and outdated Windows operating systems that are no 
longer supported. Most hadn’t received security patches in years.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_