Kentucky-based Brown-Forman was recently struck by REvil ransomware, also known by the Sodinokibi moniker. The spirit manufacturer said it prevented the ransomware group from encrypting systems and revealed they aren’t negotiating with the attackers, who managed to copy 1TB data and are now threatening to release it.Â
Brown-Forman, owner of Jack Daniel’s, Finlandia and Old Forester is the latest to have been targeted by ransomware. While the extent of the attack is unclear at the moment, the spirit manufacturer did manage to ward off the threat by blocking out encryption, that is the modus operandi of attackers. However, it is suspected that information including employee data may have been compromised.
Brown-Forman revealed that no negotiations are ongoing.
Meanwhile, threat actors behind the attacks anonymously revealed in an email to BloombergOpens a new window that they managed to copy 1 terabyte of Brown-Forman data. As is the case with most ransomware attacks, the group promised to leak the information online. The anonymous group in the email said, “An attempt at dialogue with the company did not bring any results.â€
See Also: Blackbaud Hack Sparks Identity Theft Fears
Based on the link the anonymous party shared, Bloomberg assessed that the group behind the attack was REvil, also known as Sodinokibi ransomware.Â
Sodinokibi or REvil ransomware was detected in April 2019 by Cisco Talus which successfully targeted and encrypted forex company Travelex’s network and exfiltrated over 5 gigabytes of personal data in January. Following that, Travelex paid $2.3 millionOpens a new window . More recently, REvil was reportedly behind the attacks at a celebrity law firmOpens a new window Grubman Shire Meiselas & Sacks where they got their hands on 756 gigabytes of client data. Sodinokibi also started auctioning off dataOpens a new window of a Canadian agricultural company. REvil is a ransomware-as-a-service and victimizes Windows systems.
See Also: ESET Report Finds Android Crypto Ransomware Spreading Through Contact Tracing App
Auctioning off data has become a new tactic to coerce victims into accepting the demands and forking out ransom to restore systems and data. By thwarting off the attack’s encryption threat, Brown-Forman managed to preserve the integrity of its system and network.Â
Brown-Forman stated, “We are working closely with law enforcement, as well as world class third-party data security experts, to mitigate and resolve this situation as soon as possible.â€
Let us know if you liked this news on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!