Foodservice supplier Edward Don has suffered a ransomware attack that caused the company to stop portions of their network to prevent the virus’s spread. Edward Don and Company is one of the largest distributors of foodservice equipment and supplies, such as kitchen supplies, bar supplies, flatware, and dinnerware. The ransomware attack has caused some of their employees to use Gmail accounts to communicate with customers regarding orders or fulfillment issues. As Edward Don is one of the leading distributors of food service supplies, this attack will cause a significant disruption in the supply chain for hospitals, restaurants, hotels, and bars. At this time, it is not clear what ransomware operation has conducted the attack.
There are several concepts that can assist an organization in ransomware defense:
1. Train staff on proper cybersecurity practices and randomly test their training through penetration testing.
2. Monitoring the organizations network by analyzing logs, investigating alerts and watching traffic patterns for unusual network traffic.
3. Maintain proper backups by using the 3-2-1 method: keep three copies of backup data, stored on two separate media devices, with one copy kept securely off-site
4. Patch software and keep anti-virus programs up to date.
5. Using enterprise email security filtering solutions, apply email filtering tools that look for suspicious email addresses and possibly malicious email attachments.
6. Having a robust incident response plan will help the organization get back up and running after a ransomware attack happens.