Arizona Beverages, quick to the grocer’s shelf with its ubiquitous iced teas, has been slow to get much of its network running again after it discovered its backup system wasn’t properly configured to restore its systems in the wake of a targeted ransomware attack and was forced to spend a pretty penny to bring in outside help.
The attack, which appeared to leverage iEncrypt ransomware, a relative of Bitpaymer, began more than two weeks ago when a ransom note containing the company’s name and the message “Your network was hacked and encypted” appeared on the screens of more than 200 servers and computers on the Arizona Beverages network, according to a TechCrunch report.
note containing the company’s name and the message “Your network was hacked and encypted” appeared on the screens of more than 200 servers and computers on the Arizona Beverages network, according to a TechCrunch report.
Old and unpatched backend servers running outdated versions of Windows thwarted the company’s efforts to recover from the attack and kept its sales operations offline, the report said, leading it to call in Cisco five days later.
“Once the backups didn’t work, they started throwing money at the problem,” the report cited an unnamed source as saying.
In March, the FBI reportedly alerted Arizona Beverages to what appeared to be a Dridex malware infection.
“This is the unfortunate price companies pay when they fail to maintain their systems. At this point, there is no excuse,” said Daniel Smith, head of threat research at Radware, whose state of security survey found that the average estimated cost of a corporate breach was $1.1 million in 2018, up from $720,000 the year before. “There have been dozens of events over the years that should have triggered an internal review or general cause for concern at Arizona Iced Tea. Every hack should be a learning moment for the security team and the industry at-large.”