REVil ransomware gangs are back in action after the holidays, and have now compromised Dairy Farm, a leading pan-Asian retail operator with around 10,000 outlets and 230,000 employees. As per reports from Bleeping Computer, the threat actors have breached into the firm's network, and are continuing to poach sensitive business information from the company's servers. The ransomware group has demanded around $30 million as ransom for decrypting the data and not leaking the business information onto the dark web.
Dairy Farm has confirmed that it has been a victim of a cyberattack, but stated that only two percent of its corporate devices were infected, and those devices were isolated from the rest of its corporate network. On the contrary, the ransomware group claims they continue to have access to Dairy Farm's corporate information, and have shared a screenshot as proof.
Hackers don't always keep their word, so even if Dairy Farm cooperates by paying the ransom, the group could still leak the information out into the wild. Although the modus operandi of the attack has yet to be identified, it's clear that Dairy Farm's data has been compromised, and will continue to be until action is taken.
Considering the volume of remote workforces and the speed at which organizations are adopting digital transformation, our Cyber Town predicts there will be a increase in ransomware attacks this year; this attack on Dairy Farm, as well as another attack on the global crane manufacturer Palfinger are good examples of that prediction.
Organizations need to proactively protect their networks to avoid becoming victims of ransomware attacks. Below are some best practices to keep your network vigilant against such threats:
When it comes to ransomware attacks, it's important to practice proactive security, even if you're making full backups regularly.