The Arran Brewery has become the victim of a ransomware attack, which caused severe disruption to the business and the loss of three months’ data.
Managing director, Gerald Michaluk (pictured), said: “The virus was introduced in an e-mail, but how this happened is very devious and it is clear we were targeted.
“We advertise job vacancies on our website. One such job vacancy was for a credit control and finance assistant post, now filled. Out of the blue we started getting applicants for the post from all over the country and the world. I assumed one of my colleagues had advertised the post. However, this was not the case; the attackers had taken our website vacancy and posted it on some international jobs site.
“We were getting three of four e-mails a day, all with attached CVs. In amongst the genuine job seekers was the virus, and when the CV was opened it took effect, being so new a virus our virus protection software did not pick up the attack.”
He added: “The software then started to encrypt our system, starting with our backups and working its way through the files on our computers and then central server. We were then faced with a ransom demand. Pay up for a key to unencrypt the files or do without the data.
“We choose to bring in an expert who, having identified the problem, was able to eliminate the virus and restore part of our system, and is confident in due course when the key is cracked will be able to restore the lost data. I hope if anyone finds themselves in a similar position they can recognise the MO of these bandits and not have the same issues we have had.”
Arran Brewery is now back up and running, but lost a lot of data. The moral of the story, says Gerald, is unless you are sure of the origin of an e-mail attachment don’t open it.
“It is never wise to pay the ransom, even when it is a relatively small amount compared to the IT consultant’s costs of fixing the problem. There is no guarantee the criminals will provide a key and that it will work, or that they won’t be back again for more money.”