Last week, the appliance manufacturer Fisher & Paykel (F&P) was struck with a ransomware attack. Even though the attack was quickly noticed, it caused F&P to shut down their IT systems and now the company is working with third-party security companies in an effort to restore their systems and continue business as usual. The ransomware believed to be used in the attack goes by the name of Nefilim, which was also used in the attack against Toll Group earlier this year. The operators of Nefilim follow the path of other well-known ransomware operators by threatening to make their data publicly available if the requested ransom is not paid. It is unclear whether or not F&P has decided to pay the ransom, but nothing related to the company has been seen on the Nefilim leak site yet.
It seems as if a new ransomware attacks on a large company happens on a daily basis. Some ways those companies can protect themselves is by patching outdated systems, training employees on how to spot phishing emails and requiring two-factor authentication and auditing for remote access systems; all these security controls can all be helpful. Additionally, having a Security Operations Center (SOC) that monitors for intrusions at all hours of the day will help catch issues that would otherwise go unnoticed, and the longer intrusions go unnoticed, the more damage they do.