- ASBIS CZ was crippled by ransomware actors who now threaten with DDoS and data leaks.
- The firm won’t succumb to blackmailing attempts and instead will restore from backups.
- The CEO stated that the event empowered them in terms of understanding security better.
The Czech branch of ASBIS, a Limassol-based IT product (software, hardware, smartphones) distributor, was crippled by a ransomware attack that has halted sales and has the incident response teams working hard to restore everything from backups. CEO Petr Jandik gave a short interview on local media to explain the situation, and he said that the firm is being held for ransom and on the typical threat of sensitive data leaks and also DDoSing.
The attack occurred at the start of the month, but the company is still in the process of recovering. According to Jandik’s statements, they will not pay the demanded amounts, and they won’t even negotiate any solution with the actors. Instead, ASBIS is working closely with the Czech Republic Police and follow their instructions.
The company hasn’t bothered to estimate damages yet, as they are still restoring systems and implementing additional security measures, but they are losing significant amounts in sales. This is a period of unprecedented demand for consumer tech, so it comes at the worst possible time. Also, it is precisely why ransomware actors are targeting these companies in the first place. We saw a similar example a few weeks back with ‘Asteelflash,’ so it’s clear that cyber-gangs have turned their attention to hardware providers.
Jandik points out that the incident was an awkward moment for the ASBIS CZ team, which is not used to this type of situation. However, he stated that the response was timely and that everything was dealt with within a few minutes. They are now in a position to share the teachings of this unpleasant experience with their partners and do consultations on how to achieve better security against ransomware attacks.
Before that, though, the systems will have to come back online, and as Jandik says, this is unfortunately not a matter of a few clicks. Companies that use complex and comprehensive systems cannot just restore from a backup and get back to work. As the CEO stated, possibly, the e-shop will open in the next couple of days, followed by the rest of the web portals that are still offline. Even then, some products may be missing labels, descriptions, etc., so leniency is requested.