Dole production plants crippled by ransomware, stores run short Irish agricultural megacorp Dole has confirmed that it has fallen victim to a ransomware infection that reportedly shut down some of its North American production plants. In a statement posted on its website, the produce giant said it "recently experienced a cybersecurity incident that has been identified as ransomware," …
This is one of the very old and entirely critical aspects of any and all viable backup strategies.
And apparently, we're still in the Dark Age of Computing because so few organizations actually do it.
RESULT: Successful Ransomware attacks, crippling organizations, inspiring techno-cynicism such as this:
Wetware error is forever.
"Time-bomb" ransomware often makes backups of little value, since the backups are themselves encrypted. If you're not testing your daily backups on systems that are not connected to the rest of your corporate network or the Internet, they're not much good as insurance against ransomware.
Sure, your backups from a month ago might be fine. That's still a lot of critical corporate data that's inaccessible.
<quote>"Upon learning of this incident, Dole moved quickly to contain the threat and engaged leading third-party cybersecurity experts, who have been working in partnership with Dole's internal teams to remediate the issue and secure systems," the statement continued.</quote>
Time to do this is before you get attacked afterwards is just shutting the door after the horse has bolted.
While I'm sure you're correct in your remote access assumption (almost certainly) the article does say the attack vector is unknown (maybe read as undisclosed). Could've been email or flash drive or... I don't expect to be surprised.
Because lot of production system take information from other systems like SAP, that are not hosted on-premises but either on an external datacenter or worse in the cloud...
Besides that possibility, there won't be a specific network for industrial systems not interconnected with the office network, so a lateral attack is a possibility.
A YAML deserialization bug? Come on, people. How hard is it to deserialize YAML properly?
This is probably a BOF or UAF, which would just go to show once again that most programmers can't be trusted to handle manual memory allocation properly. The combined cognitive load of vigilance in implementation and discipline in structuring and abstracting code is simply too high. Most devs need to move away from memory-unsafe languages because they can't, or don't want to, put in the work to use them in a reasonably safe manner.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
