Top storiesNew ZealandPoliticsBusinessEntertainmentSportsWorld

Flower company New Zealand Bloom targeted in ransomware attack

Wednesday, 18 November 2020

New crime gang is racking up ransomware victims at an “unprecedented rate”, says Emsisoft threat analyst Brett Callow (file pic).
New crime gang is racking up ransomware victims at an “unprecedented rate”, says Emsisoft threat analyst Brett Callow (file pic).

Flower wholesaler New Zealand Bloom has had documents leaked onto the internet after suffering a ransomware attack.

Managing director David Ballard said the consequences of the attack were not serious as only an old server operated by its Los Angeles office had been compromised.

The data it stored was very old and the information the extortionists had leaked online was not sensitive, he said.

New Zealand Bloom had decommissioned the hacked server and had not contemplated paying a ransom, he said.

**READ MORE:

* Media monitoring firm Isentia hit by cyber attack

* Growing concerns over ransomware payments puts NZ cyber insurers on the spot

* Ransomware group threatens to 'auction' confidential Lion files if $1.25m ransom not paid

* Fisher & Paykel Appliances a victim of ransomware scourge

**

“We don’t know how they got in but my understanding is it is normally through phishing-type operations.

“Obviously it is not good to have a breach – not pleasant at all – but it has been resolved as far as I can make out,” he said.

Brett Callow, a threat analyst at cyber security firm Emsisoft, said the group claiming responsibility for the crime, Egregor, was racking up victims at an unprecedented rate.

“It seems that the ransomware may be the work of the now defunct Maze group and/or that previous Maze affiliates have moved over to Egregor taking compromised but not-yet-exploited networks with them,” he said.

Callow has backed growing calls for the Government to make it illegal for businesses and other organisations to pay cyber ransoms or to facilitate their payment.

He says it is the only way to stop attacks and prevent crime gangs becoming ever-better resourced.

Such a change could have implications for digital currency exchanges and companies that offer hacking insurance such as IAG.

Ballard said although he was not an expert, a rule change seemed to make sense to him.

“If you were a company that had its entire operations tied up, it could destroy the business and you might feel differently, so it is not an easy one to answer – but there is certainly logic to it.”