Starbucks, Supermarkets Targeted in Ransomware Attack

Starbucks and several major UK supermarkets Ransomware attack Well-known supply chain software provider Blue Yonder. company disclosed the incident On Thursday, November 21, the company was still working to restore service the following Monday.

The outage on the Blue Yonder platform left Starbucks unable to pay baristas and manage their schedules. wall street journal. As a result, cafe managers must manually calculate employees’ wages based on scheduled shifts, with a large margin of error as actual working hours may not be consistent.

Two of the UK’s largest supermarket chains, Sainsbury’s and Morrisons, have also been affected, according to Trade Magazine. grocery store. According to TechCrunch, Sainsbury’s said it had put contingency measures in place to mitigate any disruption and had resumed all operations by Monday.

look: Software supply chain attacks increased by 200%

“Termites” claimed responsibility, but investigation is still ongoing

According to reports, ransomware group Termite claimed responsibility for the attack in a post on its dark web leak site. Cybersafe Diving. It claims to have 680 GB of Blue Yonder data.

Termite used the “notorious” Babuk ransomware to target organizations in France, Canada, Germany, Oman and the United States, according to one agency. Security Notice From Broadcom. The group steals sensitive data while encrypting files, adding a signature “.termite” extension, and threatens to leak the stolen information if a ransom is not paid.

The organization’s managed services hosting environment for Blue Yonder, but its Azure public cloud was not affected. Blue Yonder hired an outside cybersecurity firm to address the incident, saying “the vast majority of [its] Service has been restored to affected customers. But as of December 12, its investigation was still ongoing.

Morrisons resumed using backup systems to manage its warehouses but said the attack affected the flow of goods across its stores. One of its suppliers said that Friday’s frozen orders were canceled due to the incident, and the supermarket expected that the supply of some convenience and wholesale products may drop to 60%.

On December 11, Starbucks confirmed Cybersafe Diving Its Blue Yonder-based employee scheduling platform is back in action.

look: Cybersecurity experts say paying ransom should be your last resort

Supply chain ransomware attacks are on the rise

In recent years, supply chain attack It has become an issue of increasing concern in the field of network security. Right attack solar wind, Log4jCodecov is famous. Supply chain attacks are particularly attractive to cybercriminals because they can offer multiple rewards for a single breach.

Thirty-one percent of organizations According to AppOmni, software-as-a-service data breaches increased 5% in the past 12 months compared to the previous year.

look: Number of active ransomware groups hits record high

This surge may be related to the lack of visibility of the increasing number of deployed applications. Onymos says the average business now relies on Over 130 SaaS applications In 2020, there were only 80.

last year, British Airways, BBC and Boots all given ultimatum They were hit by a supply chain attack by the ransomware group Clop. Klopp took advantage SQL injection vulnerability In the popular commercial software MOVEit, and access its server to steal commercial data.

Ransomware attacks are also on the rise. Microsoft reported Grow 2.75 times ransomware attempts this year, and in the second quarter of this year Number of active ransomware gangs hits record high. indeed, Artificial intelligence may lower barriers to entry to launch these attacks, thereby expanding the pool of people who may be able to carry out such attacks.

Global ransomware payments Breaking through $1 billion for the first time By 2023, the phenomenon of “big game hunting” (where large organizations hunt down large organizations and demand ransoms exceeding $1 million) has become increasingly common, with affected organizations often willing to pay the ransom.