5 minutes with cybersecurity companies Glasswall and Egnyte

Share
Glasswall and Egnyte share their views on the recent ransomware attack which halted production of products such as Nerds and Laffy Taffy.

Ferrara Candy, the candy giant behind Nerds, Laffy Taffy, Now and Laters, SweetTarts, Jaw Busters, Nips, Runts and Gobstoppers, announced that it was hit with a ransomware attack just weeks before it prepares for one of its biggest holidays: Halloween.

The attack was detected by the Illinois-based company on October 9 when it encrypted several of Ferrara’s systems. Ferrara is working with authorities to recover the affected systems and return to full capacity of operations. 

Cybersecurity companies Glasswall and Egnyte share their opinions on the attack.

Glasswall's CEO, Danny Lopez, says: "It's likely no coincidence that attackers are hitting a candy company's supply chain just before Halloween, knowing full well the urgency and demand at this time of year will increase the likelihood they'll get the payment desired. Ferrara, however, is not alone. Ransomware attacks across industries are on the rise.

"Organisations need to adopt robust processes for onboarding and offboarding employees and affiliates that may receive access to key information systems. It's vital to control privileged access and to monitor those that enjoy that administrator privilege. Ensuring that multi-factor authentication is enforced wherever possible, is a vital defence where user credentials find their way into the public domain. This will help to limit the blast radius, and in most cases, defeat the data breach.

"Even if all procedures and policies are well executed, then there's no escaping the fact that adversaries are constantly looking to probe vulnerabilities and to insert malware into the environment, often using everyday business documents which we all use. It's vital that critical infrastructure organisations invest in cyber protection services that stay ahead of attackers by eliminating the threats while still allowing employees to do their vital work.

"Attacks like these demonstrate that a traditional castle-and-moat approach to network security leaves organisations exposed. Zero trust security sees the world differently. No one is trusted by default, regardless of whether they are inside or outside a network. In a world where data can be held amongst multiple cloud providers it is crucial to strengthen all processes relating to access verification. Without a zero trust approach organisations run the risk of attackers having a free reign across a network once they are inside.” 

Neil Jones, Cybersecurity Evangelist at Egnyte says: "The recent Ferrara Candy ransomware attack, along with the JBS and Colonial Pipeline cyber attacks that preceded it, demonstrates that your organisation needs to make cybersecurity a Boardroom priority, if you haven't done so already.

"For years, cybercriminals have attacked targets for financial gain, but now we're seeing an alarming pattern of debilitating attacks on our food, critical infrastructure, and IP supply chain, which can have a crippling impact across the US economy. While advocating support from your executive team, you need to implement proactive data hygiene and protective behaviours, such as patching your CVEs and hardening your databases now. It could be a real lifesaver."

About Glasswall 

Based in the UK, Glasswall protects organisations from file-based threats and is recognised in the field of content, disarm, and reconstruction (CDR). Recently, the company has secured £18 million funding in additional equity capital to finance its continued expansion.

About Egnyte

Egnyte is a global software company that provides a cloud platform for enterprise file synchronisation and sharing as well as content and data governance for business customers.

Share

Featured Articles

Resilience: Firms Fail to Grasp Cyber Financial Impact

Resilience and YouGov survey reveals 74% of mid to large UK businesses face cybercrime, while ransomware understanding lags behind data breach concerns

SonicWall and CrowdStrike Unite for SMB Security Service

SonicWall partners with endpoint protection specialist CrowdStrike to offer managed detection and response capabilities through managed service providers

FS-ISAC CISO Talks Cyber Strategies for Financial Providers

FS-ISAC CISO JD Denning explains the cyber strategies financial providers need to adopt in order to stay afloat in the wave of cyber attacks

Darktrace Reports 692% Surge in Black Friday Cyber Scams

Cyber Security

KnowBe4 Launches AI Agents to Counter Phishing Threats

Technology & AI

Gen Reports 614% Rise in Command Prompt Manipulation Scams

Cyber Security