Earlier this month, Japanese electronics company Casio was hit by a cyberattack that led to the shutdown of parts of its digital infrastructure. Now, almost a week after the incident, Casio is struggling to overcome the damage.
Ransomware group ‘Underground’ claimed responsibility for the attack and shared examples of alleged stolen data on its dark website. This is what a Casio spokesperson said TechCrunch that the company does not see an end to the outage in the near future and that several systems are still unusable after the servers were disconnected to prevent the damage from spreading.
“This countermeasure will impact receiving and placing orders with suppliers and scheduling product shipments,” said Casio’s Ayuko Hara. “There is no prospect of recovery yet, but we are prioritizing our customers as we continue our recovery.”
Long road to recovery
Casio is said to have lost sensitive data from employees, business partners, job applicants and contractors in the attack. Fortunately, the company confirmed that no customer credit card information was collected.
So far, Casio has not confirmed the ransom amount nor has the cybercriminals been contacted. The issues appear to be mainly affecting Japanese customers as shipping has been postponed indefinitely, but internal system glitches appear to be the main concern.
It is not uncommon for recovery from a ransomware attack to be a lengthy and expensive process, with the average incident costing $3 million and almost a month to recover. During a ransomware simulation organized by Orange Cyberdefense and attended by Ny Breaking it explained that “recovery is a marathon, not a sprint,” and that while paying a ransom may get victims a decryption key, it can take months to fully recover data, and even longer to return to normal of business
The advice from law enforcement and cybersecurity experts is generally that organizations should refrain from paying the ransom, as this encourages cybercriminals and adds fuel to the fire. But it is certainly not an easy choice.
By always having contingency plans ready and robust cybersecurity measures in place, this is the most companies can do to protect themselves from attacks. Being vigilant and ensuring all employees are trained and informed will protect potential entry points.
Via TechCrunch