It has been reported that Campari Group, the famed Italian beverage vendor behind brands like Campari, Cinzano, and Appleton, has been hit by a ransomware attack and has taken down a large part of its IT network. The attack took place last Sunday, on November 1, and has been linked to the RagnarLocker ransomware gang, according to a copy of the ransom note shared with ZDNet by a malware researcher. The RagnarLocker gang is now trying to extort the company into paying a ransom demand to decrypt its files. But the ransomware group is also threatening to release files it stole from Campari’s network if the company doesn’t pay its ransom demand in a week after the initial intrusion.
This recent ransomware attack on Campari shows that cybercriminals are not just interested in targeting technology companies. In fact, any and every individual who owns a laptop or a mobile phone is a possible target. However, individual targets are only lucrative at scale. As such, bad actors tend to go for large organisations such as Campari where they can get \”more bang for their buck\”. Indeed, they could demand a ransom worth millions, if they succeed in infiltrating a device with high-value data. A ransomware attack could see this data encrypted and result in a complete halt on business operations until the organisation pays for a decryption key or they find a way out of the attacker\’s clutch (this is why backups are of critical importance). Unfortunately, very few have succeeded with the latter strategy. Organisations must be on guard to prevent attacks, but they must also have a plan in place in the event of an attack. Organisations need to also think about the resilience of their network and the devices within it, particularly in today\’s remote working environment where the network extends into home networks.