Ransomware has caused real chaos among businesses in recent times; the evolution of ransomware attacks that remain undetectable until the victim's data has been encrypted has left companies worried. On August 15, 2020, one of the leading liquor manufacturers, 150-year-old Brown-Forman, became the victim of a ransomware attack initiated by the REvil ransomware group. Brown-Forman is known for its brands like Jack Daniel's and Korbel champagne.
A spokesperson from Brown-Forman confirmed the attack but denied that any of the company’s systems or data were compromised. However, to the contrary, the REvil ransomware gang disclosed screenshots of Brown-Forman's encrypted data, which includes copies of internal communications, financial documents, and personal data. REvil claims that it has accessed close to one terabyte of data from the company. Brown-Forman’s spokesperson later confirmed that some of the company’s data had been compromised, including the personal data of Brown-Forman’s employees.
Brown-Forman has consulted with law enforcement and is doing its best to handle the situation; but considering that REvil has previously published stolen data to the dark web, REvil believes it is prudent of Brown-Forman officials to pay the ransom to retrieve their company’s data, albeit it isn't an ethical means of handling the situation.
Even if Brown-Forman complies with REvil’s demands and pays the ransom to secure its stolen data, this isn’t a permanent solution for data theft and cyberattacks. Ransomware operators will continue to target enterprises, and paying the ransom is just going to further motivate these entities to continue their malicious actions. Organizations need to build up their defenses by improving their cybersecurity and ensure that employees are familiar with cybersecurity best practices.
Companies can't be completely safe against ransomware threats, as each threat is clearly crafted and deployed in a unique way every time. However, with certain cybersecurity practices in place, your organization could make things quite challenging for ransomware actors. Follow the below list of best practices to keep your network safe from file encrypting malware.
Brown-Forman, Capital One, NHS, Telecom Argentina, and other major enterprises have fallen victim for ransomware attacks. Never be overconfident and assume that your organization could be an exception and will not be of interest to cybercriminals. Most ransomware attacks are not targeted takedowns; rather, the hackers simply wait for the victims to fall into their traps. So, always keep your guard up to stay safe from encrypting malware.
Companies need to employ cybersecurity tools—like unified endpoint management, mobile device management, patch management, SIEM, log management, vulnerability management, and anti-virus solutions—to keep their network safe from cyberattacks.
