Warehouse management software biz SnapFulfil hit by ransomware: It's not just the big dogs getting KO'd

I get knocked down, but I get up again... eventually

4 Reg comments Got Tips?

A UK cloud-based warehouse management software provider was struck by ransomware earlier this week.

Emails from SnapFulfil, a trading name of Synergy Logistics, sent to its customers late last week and shown to The Register, revealed how a ransomware attack targeted the company's services, disrupting warehouse operations for at least one of its customers.

"We have been targeted by a ransomware attacker. We believe the data is safe. All the work done over the last few days has included additional security and changes to mitigate another attack," said one email shown to El Reg.

Although later messages referred to a second attack, we understand this was sent in the heat of the moment and that the attacker did not, in fact, come back for a second go. The ransomware infection otherwise bears the hallmarks of so-called drive-by ransomware, where a company may fall victim to something as simple as opening an infected email attachment.

A Register reader whose firm uses SnapFulfil's services mused to us: "For a distribution business to have the warehouse management system disappear is a total nightmare, as we're unable to process many of the customer orders." The reader, who spoke on condition of anonymity, continued: "Some of these orders may be for many thousands of pounds."

In a statement Synergy Logistics told The Register: "We have been working in partnership with the National Crime Agency and the National Cyber Security Centre to restore our systems and mitigate impact for our customers. The majority of our customers are now fully operational and safeguards have been put in place to minimise the risk of future malicious attacks."

Bad times for big and small alike

Ransomware is not only the topic du jour in infosec circles but it is one that captures the public imagination, with amoral criminals making demands amounting to millions of pounds in some cases in order to decrypt victims' files.

An alarming trend is for big companies struck by ransomware to take the easy way out and buy off the crooks.

ransomware locks up pc

Think carefully about cyber insurance, says NCSC. But don't worry about buying off ransomware crooks

READ MORE

Britain's National Cyber Security Centre has pointedly refused to condemn the practice of buying off criminals, or of taking out cyber insurance that pays ransoms on your behalf. From a business continuity point of view, if none other, this stance makes sense.

Infamously, cloud CRM provider Blackbaud paid off a ransom earlier this year after securing pinky promises from the criminals that they would delete copies of stolen data. Companies who outsourced data to Blackbaud included many British universities, the Labour Party, the National Trust and other so-called "third sector" charitable and voluntary organisations.

Take the threat seriously. No matter how small or insignificant your enterprise is, you're still a target for this scourge of modern commerce. ®

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER


Biting the hand that feeds IT © 1998–2020