Following the multi-day downtime, including the disruption in the order processing and delays in shipments, Ingram Micro confirmed that a major ransomware attack was the cause of the issues.
While the company revealed that it has taken all the immediate steps to tackle the issue, the market reacted with FUD, resulting in a 4% drop in the Ingram Micro Holding Corporation (NYSE: INGM) stock.
Let’s dive deep into how the ransomware attack was orchestrated, how the company reacted, and how to secure yourself if you are a victim.
How the Ingram Micro Ransomware Attack was Orchestrated?
An official statement detailing the attack hasn’t yet arrived from Ingram Micro. However, there are various cybercrime experts and market observers who have studied the issue, primarily collecting data from the attack screenshots, customer opinions, and various employees.
When the developers came to know about the attack, they immediately went offline to stop the actions of the attackers, resulting in an outage. The outage began stretching into the next few days, increasing the frustration of customers. Various sources later revealed that the employees of the company received ransom notes on their computers.
Attack is Associated With SafePay Ransomware
According to BleepingComputer, the ransom notes are associated with SafePay ransomware, a concerning new player in the space. Usually, it works by encrypting files with the .safepay extension and leaving a ransom note through a text file. It might have infiltrated the company systems through GlobalProtect VPN.
While the details about the attack have not yet been disclosed publicly by Ingram Micro, the employees were told to stop using GlobalProtect VPN, and many of them were sent to work from Home.
Critics argue that Ingram Micro, being such a giant IT distribution company, should have communicated the ransomware attack to the public as early as possible because it is a proven strategy to shut down the attacks.
In Saturday’s statement, the company said that it has launched an investigation with the help of cybersecurity experts and lodged a complaint with law enforcement. No further action has been made public till now.
How to Secure Yourself from Ransomware Attacks?
First steps to prevent ransomware attacks should come from the customer side because most of these crimes utilise ignorance from the users as a primary means of infiltration. Apart from businesses and institutions, it affects individuals regularly. Here are some steps that can be taken to prevent it to an extent:
- Always scan, check the source, and do a spam analysis before opening any files you receive via email.
- Install a trustworthy antivirus software and regularly update it.
- Back up if you have any important data, and secure it on the cloud or any additional devices.
- Add extra layer protection by enabling Multi-Factor Authentication (MFA).
- Double-check the genuineness of the VPN you are using.
- Always avoid Public Wi-Fi connections while doing sensitive activities.
- Install software only from officially verified sources.
- If any of your devices is infected, try to isolate it by making it offline.
- If the malware starts asking for ransom, immediately seek professional help instead of paying.
More on This Topic: Why Google Wants You to Upgrade Gmail Security (Passkeys & 2FA Guide)
About Ingram Micro
Founded in 1979 by Geza Czige and Lorraine Mecca, Ingram Micro is one of the world’s leading distributors of IT products such as security solutions, cloud infrastructure solutions, business applications, communications and collaborations, backup and disaster recovery, professional services, management and training solutions, digital solutions, and managed services.
Operating across 57 countries, the company has a strength of over 24,000 employees, serving millions of customers. The company is publicly traded on the New York Stock Exchange with the ticker symbol “INGM.”
