If Hank Williams Jr. was writing this story about a ransomware attack at Scotland's Isle of Arran Brewery, we imagine him saying it like this:
"There's a tear in my beer... 'cause we've got ransomware here..."
Can't you hear it?
One thing we're definitely hearing on the road at SecureWorld cybersecurity conferences this year: Ransomware is becoming more targeted. And this case is proof of that.
The fine folks at the Scottish craft brewery posted a job opening on the brewery website. Here it is:
Emails with resumes attached started coming in, all legitimate, except for one, which was actually from a hacker that had discovered the job opening.
Arran Brewery managing director Gerald Michaluk talked to the BBC about what happened:
"We were getting three or four emails a day, all with attached CVs. The virus was in amongst the genuine job seekers, and when the CV was opened it took effect.
I hope if anyone finds themselves in a similar position they can recognise the MO of these bandits and not have the same issues we have had."
The hackers demanded a 2 Bitcoin ransom, which at the time was approximately $13,000 US.
The brewery did not pay the ransom, and lost three months worth of sales data as a result of the ransomware attack.
The case is a reminder that organizations, regardless of size, are increasingly being targeted based on information they post. Things such as:
• Job openings
• M&A activity underway
• New physical structures being built
• Company events or press releases
You can learn more about what's happening in this area of cybercrime by watching our free 2018 web conference on demand: "Ransomware: The Not So Good, the Really Bad, and the Truly Ugly."