UPDATED 22:08 EDT / APRIL 02 2019

SECURITY

Iced tea maker Arizona Beverages suffers downtime following ransomware attack

Arizona Beverages USA LLC, a large U.S. maker of iced tea, suffered downtime in February from a ransomware attack.

The attack, which involved a form of the IEncrypt ransomware, is said to have hit the company in late March and resulted in more than 200 servers and networked computers displaying the same message: “your network was hacked and encrypted.” The message then went on to demand a ransom payment to resolve the issue.

According to TechCrunch, it took five days before Arizona Beverages brought in incident responders to handle the outbreak. Those responders found that “the back-end servers were running old and outdated Windows operating systems that are no longer supported” and that “most hadn’t received security patches in years.”

The story gets worse, with the report claiming that Arizona Beverages was completely unaware of the hack and only found out about it after being informed by the Federal Bureau of Investigation.

“This is the unfortunate price companies pay when they fail to maintain their systems. At this point, there is no excuse,” Daniel Smith, head of threat research at Radware, told SCMagazine. “There have been dozens of events over the years that should have triggered an internal review or general cause for concern at Arizona Iced Tea. Every hack should be a learning moment for the security team and the industry at large.”

Although all ransomware is nefarious, IEncrypt is a particularly insidious form of ransomware, described by some security experts as a “very unpredictable infection.”

“IEncrypt is a relatively new strain of ransomware first introduced in November of 2018,” Allan Liska, senior solutions architect at Recorded Future, told SiliconANGLE. “It has hit very few targets; this is the first target publicly exposed.”

“IEncrypt appears to come from the Dridex team, which are the same team behind Locky and BitPaymer,” Liska explained. “Unlike BitPaymer, IEncrypt appears to be delivered via phishing campaigns.”

The Dridex team was previously in the news when it was claimed to be behind ransomware that crippled the Professional Golfers Association of America.

Photo: MobiusDaXter/Wikimedia Commons
