Flavor and fragrance developer Symrise has suffered a Clop ransomware attack where the attackers allegedly stole 500 GB of unencrypted files and encrypted close to 1,000 devices. Symrise is a major developer of flavors and fragrances used in over 30,000 products worldwide, including those from Nestle, Coca-Cola, and Unilever. Symrise generated €3.4 billion in revenue for 2019 and employs over 10,000 people.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p style=\"font-weight: 400;\">The Symrise ransomware attack that Clop Ransomware has now claimed responsibility for is another reminder that ransomware operators have changed their tactics and become far more targeted in their attacks. According to the ransomware gang, they were able to infiltrate the network of Symrise through phishing attacks and therefore steal personal information such as passport scans, emails and accounting documents.</p> <p style=\"font-weight: 400;\"> </p> <p style=\"font-weight: 400;\">With attacks such as this one, the performance and analytical power of AI is needed to detect the indicators of ransomware behaviours and unusual activity within a network and the cloud. AI allows a faster, broader detection than humans and traditional signature-based tools simply cannot achieve.</p> <p style=\"font-weight: 400;\"> </p> <p style=\"font-weight: 400;\">Ransomware will continue to be a potent tool in cybercriminals’ arsenals as they attempt to exploit, coerce, and capitalise on organisations’ valuable digital assets. Organisations need to find a way to quickly and accurately detect and respond to the early stages of a ransomware operation compromising their systems.</p>
<p>Ransomware brings organizations grinding to a halt, causing havoc and shutting down business function in the worst instances. This is of particular concern for manufacturers and developers such as Symrise, for whom just-in-time supply chains mean a total shutdown constitutes a serious problem, for them as well as most likely for other companies at various stages of the supply chain. Organizations can pro-actively defend against Ransomware by having crisis management in place that practice scenarios involving Ransomware. Key learnings come from crisis management table top exercises including business continuity gaps. That this particular ransomware uses an auction system will only make it profitable, and therefore more popular. The best defence against ransomware is a robust Business Continuity Plan which includes regular backups, version control and thorough testing of disaster recovery procedure]s. Companies that leverage cloud-based storage and automatic synching from end point devices will be well-placed to recover from such attacks, but should practice the recovery procedure to minimize downtime if an attack does occur. Rebuilding Customer Trust will be critical to Symrise future brand success and this can be achieved with transparent constant communication as well as continued investment in CyberSecurity. Considering should be given to partnering with Trusted Security expertise who can support Symrise rebuild this trust and their success.</p>