The company is popularly known for its iced tea beverages, but it was not all iced and cold for them, as they are still recovering two weeks after they were hit.
The attack resulted in the company’s servers being wiped and even forced the company to shut down for days. More than 200 servers and networked computers displayed the same message: “Your network was hacked and encrypted.” The company’s name was in the ransom note, indicating a targeted attack.
To show how severe the case was, it took the company a whopping five days to handle it. Reports say that many of the back-end servers were running old and outdated Windows operating systems that are no longer supported. Most hadn’t received security patches in years.
After the attack, staff were unable to access the backup system, and that was when they realised the backup system was not even configured properly. They had no other choice but to pay Cisco incident responders hundreds of dollars to rebuild their entire system from scratch, not to mention the other hundreds of thousands of dollars spent on new hardware and software recovery.
The botnet called Dridex, which was used for the attack, was reported to be the same one that was taken down by the FBI in 2015. Dridex is delivered through a malicious email attachment. Once the implant installs, the attacker can gain near-unfettered access to the entire network and can steal passwords, monitor network traffic and deliver additional malware.
This is the latest, most severe and most high-profile attack carried out in the past week.