Connect with us

Security

Company shuts down because of ransomware, leaves 300 without jobs just before holidays

Published

on

An Arkansas-based telemarketing firm sent home more than 300 employees and told them to find new jobs after IT recovery efforts didn’t go according to plan following a ransomware incident that took place at the start of October 2019.

Employees of Sherwood-based telemarketing firm The Heritage Company were notified of the decision just days before Christmas, via a letter sent by the company’s CEO.

Speaking with local media, employees said they had no idea the company had even suffered a ransomware attack, and the layoffs were unexpected, catching many off guard.

“Unfortunately, approximately two months ago our Heritage servers were attacked by malicious software that basically ‘held us hostage for ransom’ and we were forced to pay the crooks to get the ‘key’ just to get our systems back up and running,” wrote Sandra Franecke, the company’s CEO, in the letter sent to employees.

She goes on to say that data recovery efforts, initially estimated at one week, have not gone according to plan and the company had failed to recover full service by Christmas.

Franecke said the company lost “hundreds of thousands of dollars” because of the incident and have been forced to “restructure different areas in the company.”

As a result of the botched ransomware recovery process, the company’s leadership decided to suspend all services, leaving more than 300 employees without jobs.

Local news outlet KATV reported last month that dozens of employees already filed for unemployment with local authorities even before the Christmas holiday, with many not expecting the company to survive.

No progress on recovery efforts over the holidays

Franecke left the door open for people to get their jobs back, telling employees to call back on January 2 for a status update, in case the IT staff made headway with data recovery efforts over the holiday season.

The same KATV reported that when employees called the company yesterday, they were greeted by a recorded message informing them that recovery efforts have not been successful and that users should seek new jobs.

“Though we have made progress, there is still much work to be done. With that in mind, we do not prevent you from searching for other employment. Please take care of yourselves, your loved ones, and have a happy New Year,” the message said.

A former The Heritage Company employee told KATV that they’ve lost any faith the company is going to ever recover from the ransomware attack.

“Most of us are convinced that they’re not going to reopen. I’m pretty sure they’re just buying time because they know as soon as they’re not going to reopen we’re going to have to get a settlement and I think they just don’t want us to take them to court,” the employee told KATV.

Similar cases

What happened to The Heritage Company is not an isolated incident. Over the past two years, there have been many cases where smaller companies decided to shut down for good, lacking the funds to pay a ransom demand to get their data back or lacking the funds needed to rebuild their IT infrastructure.

For example, in April 2019, doctors at a medical practice office in Michigan decided to shut down their business and retire one year ahead of schedule, rather than deal with the fallout from a ransomware infection.

Similarly, a second medical office, based in Simi Valley, California, reached the same conclusion in September 2019, deciding to shut down all operations after they were infected with ransomware a month before and lacked the funds to pay the ransom.



Source link

Continue Reading

Security

The Five Pillars of (Azure) Cloud-based Application Security

Published

on

This 1-hour webinar from GigaOm brings together experts in Azure cloud application migration and security, featuring GigaOm analyst Jon Collins and special guests from Fortinet, Director of Product Marketing for Public Cloud, Daniel Schrader, and Global Director of Public Cloud Architecture and Engineering, Aidan Walden.

These interesting times have accelerated the drive towards digital transformation, application rationalization, and migration to cloud-based architectures. Enterprise organizations are looking to increase efficiency, but without impacting performance or increasing risk, either from infrastructure resilience or end-user behaviors.

Success requires a combination of best practice and appropriate use of technology, depending on where the organization is on its cloud journey. Elements such as zero-trust access and security-driven networking need to be deployed in parallel with security-first operations, breach prevention and response.

If you are looking to migrate applications to the cloud and want to be sure your approach maximizes delivery whilst minimizing risk, this webinar is for you.

Continue Reading

Security

Data Management and Secure Data Storage for the Enterprise

Published

on

This free 1-hour webinar from GigaOm Research brings together experts in data management and security, featuring GigaOm Analyst Enrico Signoretti and special guest from RackTop Systems, Jonathan Halstuch. The discussion will focus on data storage and how to protect data against cyberattacks.

Most of the recent news coverage and analysis of cyberattacks focus on hackers getting access and control of critical systems. Yet rarely is it mentioned that the most valuable asset for the organizations under attack is the data contained in these systems.

In this webinar, you will learn about the risks and costs of a poor data security management approach, and how to improve your data storage to prevent and mitigate the consequences of a compromised infrastructure.

Continue Reading

Security

CISO Podcast: Talking Anti-Phishing Solutions

Published

on

Simon Gibson earlier this year published the report, “GigaOm Radar for Phishing Prevention and Detection,” which assessed more than a dozen security solutions focused on detecting and mitigating email-borne threats and vulnerabilities. As Gibson noted in his report, email remains a prime vector for attack, reflecting the strategic role it plays in corporate communications.

Earlier this week, Gibson’s report was a featured topic of discussions on David Spark’s popular CISO Security Vendor Relationship Podcast. In it, Spark interviewed a pair of chief information security officers—Mike Johnson, CISO for SalesForce, and James Dolph, CISO for Guidewire Software—to get their take on the role of anti-phishing solutions.

“I want to first give GigaOm some credit here for really pointing out the need to decide what to do with detections,” Johnson said when asked for his thoughts about selecting an anti-phishing tool. “I think a lot of companies charge into a solution for anti-phishing without thinking about what they are going to do when the thing triggers.”

As Johnson noted, the needs and vulnerabilities of a large organization aligned on Microsoft 365 are very different from those of a smaller outfit working with GSuite. A malicious Excel macro-laden file, for example, poses a credible threat to a Microsoft shop and therefore argues for a detonation solution to detect and neutralize malicious payloads before they can spread and morph. On the other hand, a smaller company is more exposed to business email compromise (BEC) attacks, since spending authority is often spread among many employees in these businesses.

Gibson’s radar report describes both in-line and out-of-band solutions, but Johnson said cloud-aligned infrastructures argue against traditional in-line schemes.

“If you put an in-line solution in front of [Microsoft] 365 or in front of GSuite, you are likely decreasing your reliability, because you’ve now introduced this single point of failure. Google and Microsoft have this massive amount of reliability that is built in,” Johnson said.

So how should IT decision makers go about selecting an anti-phishing solution? Dolph answered that question with a series of questions of his own:

“Does it nail the basics? Does it fit with the technologies we have in place? And then secondarily, is it reliable, is it tunable, is it manageable?” he asked. “Because it can add a lot overhead, especially if you have a small team if these tools are really disruptive to the email flow.”

Dolph concluded by noting that it’s important for solutions to provide insight that can help organizations target their protections, as well as support both training and awareness around threats. Finally, he urged organizations to consider how they can measure the effectiveness of solutions.

“I may look at other solutions in the future and how do I compare those solutions to the benchmark of what we have in place?”

Listen to the Podcast: CISO Podcast

Continue Reading

Trending