UPDATED 22:08 EDT / APRIL 02 2019

Iced tea maker Arizona Beverages suffers downtime following ransomware attack

Arizona Beverages USA LLC, a large U.S. maker of iced tea, suffered downtime in February from a ransomware attack.

The attack, which involved a form of the IEncrypt ransomware, is said to have hit the company in late March and resulted in more than 200 servers and networked computers displaying the same message: “your network was hacked and encrypted.” The message then went on to demand a ransom payment to resolve the issue.

According to TechCrunch, it took five days before Arizona Beverages brought in incident responders to handle the outbreak. Those responders found that “the back-end servers were running old and outdated Windows operating systems that are no longer supported” and that “most hadn’t received security patches in years.”

The story gets worse, with the report claiming that Arizona Beverages was completely unaware of the hack and only found out about it after being informed by the Federal Bureau of Investigation.

“This is the unfortunate price companies pay when they fail to maintain their systems. At this point, there is no excuse,” Daniel Smith, head of threat research at Radware, told SCMagazine. “There have been dozens of events over the years that should have triggered an internal review or general cause for concern at Arizona Iced Tea. Every hack should be a learning moment for the security team and the industry at large.”

Although all ransomware is nefarious, IEncrypt is a particularly insidious form of ransomware, described by some security experts as a “very unpredictable infection.”

“IEncrypt is a relatively new strain of ransomware first introduced in November of 2018,” Allan Liska, senior solutions architect at Recorded Future, told SiliconANGLE. “It has hit very few targets; this is the first target publicly exposed.”

“IEncrypt appears to come from the Dridex team, which are the same team behind Locky and BitPaymer,” Liska explained. “Unlike BitPaymer, IEncrypt appears to be delivered via phishing campaigns.”

The Dridex team was previously in the news when they were claimed to be behind ransomware that crippled the Professional Golfers Association of America.

Photo: MobiusDaXter/Wikimedia Commons
