What would happen if you had a multi-location hospitality business and had to close multiple locations? If a possible data breach and ransomware attack occurred, holding files hostage and eroding the trust of your customer base? What next?
“It is already common and will become more and more so,” said CEO Ryan Vestby. “The idea that the core technology in your business, the everyday tools that you use, can and will be used against you. If not properly protected, they become penetration points, leaving holes in your system for malicious intent. You wouldn’t leave your purse or wallet on the seat of your car after you have parked your vehicle and walked away with the doors unlocked. The same rules apply to technology today. It needs to be monitored with up-to-date hardware and software that is forever changing. Therefore the work to secure systems properly is never complete. We have an entire society to educate on how important becoming technology-centric is to a business. Ultimately it affects the bottom line. Bad technology drives inefficiencies to a business’s payroll with a multi-pronged approach, yet technology is a line item that most businesses don’t budget enough for.”
Recipe Unlimited has franchises and/or operates over 1,000 restaurants on a national level, mainly in Canada.
Sophia Harris, Business Reporter for the CBC, has been on top of this story and shares employee confusion, concern, and what she calls a “downplaying” of the ransomware letter received by Recipe Unlimited.
Without knowing the full scale of the attack it is hard to pinpoint exactly what type it could be. All signs currently point to a targeted ransomware campaign called Ryuk.
Ryuk is a targeted and very well-planned ransomware campaign. It has attacked organizations worldwide, with payouts ranging from 15-50 BTC (Bitcoin). While common ransomware uses a systematically distributed email with a mass spam campaign, targeting employees by encouraging them to click links or open attachments, Ryuk is tailored. Its scheme is intentional and built for smaller-scale operations. It infects crucial resources like a POS (Point Of Sale) system and is carried out manually by the attacker. This means it has had to extensively research, map, hack, and collect data prior to you knowing you have been attacked. The attackers are experienced and target the vulnerabilities of your operation.
Then, they leave you a note.
To read more about Ryuk from a technical standpoint there is an in-depth blog by Checkpoint Research.
Malware disrupts and damages your system by gaining unauthorized access. Simply put, it is short for malicious software. It is designed to intentionally infect your system and comes in the form of a computer virus or worm, Trojans, spyware, adware, and ransomware.
Ransomware, on the other hand, is a subset of malware that is designed to block access. It is most common to penetrate connected devices or systems, such as a personal computer, server, pos-system, smartphone, or tablet. A ransom is paid to unlock and hopefully regain access, but there is no guarantee.
Core security is as important as keeping the lights on for a business today. A penetration test or pen test is an evaluation of the security layers of your technology infrastructure. It is concerned with safely trying to exploit vulnerabilities.
Vulnerabilities may exist in operating systems, services, application flaws, improper configurations, or risky end-user behaviour. Such assessments are also useful in validating the efficacy of defence mechanisms, as well as end-user adherence to security policies.
Once you know where the penetration risks are, you can start to plan and manage prevention strategies in an intelligent way. This also avoids the cost of network downtime and preserves the corporate image and customer loyalty.