Security

Jack Daniel's Manufacturer Was Target of Apparent Ransomware Attack (bloomberg.com) 30

Brown-Forman, a manufacturer of alcoholic beverages including Jack Daniel's and Finlandia, said it was hit by a cyber-attack in which some information, including employee data, may have been impacted. From a report: The company, which is based in Louisville, Kentucky, said in a statement it was able to prevent its systems from being encrypted, which is normally caused by ransomware attacks. It provided few other details about the incident, including when it happened or how the hackers accessed the data. "We are working closely with law enforcement, as well as world class third-party data security experts, to mitigate and resolve this situation as soon as possible," the company said. "There are no active negotiations."

  • Nice one Tell them to just jack off!

  • Good for them (Score:4, Insightful)

    by OldMugwump ( 4760237 ) on Friday August 14, 2020 @10:51PM (#60402975) Homepage
    I'm happy to see there is at least one US firm that has offline backups. Maybe the Garmin thing taught people a better-late-than-never lesson.
    • Must have been an accident. An IT employee sampling products on the job and accidentally hit the eject button on the tape drive.

    • CrowdStrike is one security product that will prevent the data from being encrypted, in most cases.

      Their detection method can also false positive and think Microsoft's distributed file system (DFS) is a ransomware after last week's update. This in turn can cause me to have a long day yesterday, but it'll stop ransomware immediately.

      Any makers of agent-based security software who want to be able to immediately stop ransomware can contact me for the details of how to detect it in a way that applies to large va

    • While backups are good and I wholeheartedly endorse them, at some point we need to stop blaming the victim. Realize that there are vanishingly few reasons for a program or process to modify every single file. Either specifically code OSes to halt such operations and throw up a confirmation dialog before continuing. Or add a new file attribute (something like "immutable") to files which are never or rarely meant to change, which forces a confirmation dialog popup before the file can be overwritten or delete
  • by Rosco P. Coltrane ( 209368 ) on Friday August 14, 2020 @11:35PM (#60403021)

    I say make computer security a legal liability.

    If a company is successfully attacked by ransomware and employee data is compromised, the employees should be able to sue their employer for damage. The employer would then have to prove they did everything they could to secure the data.

    If they can prove the IT was sound, the employer should then be able to turn around and sue the software manufacturer, whose product was exploited. In turn, if the software manufacturer can prove their software was developed with security in mind, and the exploit was done through a CPU flaw for example, they should be able to sue the CPU maker.

    It'd be a chain of liability, in which all the actors are required to prove they used best practice, and the offenders face fines and jail time. I guarantee you, with a law like this, you'll suddenly see an entire industry appear, dedicated to professionalizing IT security across the board - schooling people in security in development, IT deployment and administration, quality certification and security audits... Everybody in the IT sphere would suddenly rise in competency, their wages would go up, and malware attacks would go down dramatically.

    But as long as it's handled by dudes who do their best without really knowing what they're doing, and risk nothing when something goes south, this sort of shenanigans will keep on going.

    • and IT unions!

    • by rtb61 ( 674572 )

      It is unfortunate but it will require custodial sentences. Tech companies time and time again have actively broken the law, got caught and paid a minor fine, which is exceeded by the income generated by breaking the law. No executive decision maker custodial sentences, no change in behaviour. Those sentences should also apply to board members for their failed jurisprudence: they are appointed to oversee the legal functioning of that corporation, and they were criminally negligent in that role.

      • Comment removed based on user account deletion
        • Listen, time and time again the IT people ask for money for backup systems, ask for money for protection systems, ask for money for just doing basic audit and configuration of systems, and the answer is always the same. "Everything has been working fine for years, we do not see the need to budget the extra money to fix problems we do not see." It does not matter who you hire if you do not listen to/support them.
    • by tlhIngan ( 30335 )

      I say make computer security a legal liability.

      If a company is successfully attacked by ransomware and employee data is compromised, the employees should be able to sue their employer for damage. The employer would then have to prove they did everything they could to secure the data.

      If they can prove the IT was sound, the employer should then be able to turn around and sue the software manufacturer, whose product was exploited. In turn, if the software manufacturer can prove their software was developed wit

  • People might have to drink good liquor now! Lately I've been drinking calvados with soda water. Jack & Coke tastes like bathtub gin or bum wine in comparison.

    • by teg ( 97890 )

      People might have to drink good liquor now! Lately I've been drinking calvados with soda water. Jack & Coke tastes like bathtub gin or bum wine in comparison.

      Quality calvados is really nice, but please stop destroying it with soda water. That's blasphemy similar to mixing a good single malt whisky with coke. Just don't.

  • Reading between the lines:

    - Some data WAS encrypted, but they stopped all of it from getting encrypted.
    - Employee data was encrypted. They paid off the hackers to get it back.
    - They're not CURRENTLY negotiating with the hackers. They paid. Got the keys. Decrypted. Done.
    - The hackers didn't release "all the data we downloaded" - because they got paid.

    It doesn't help other companies, other sysadmins, or other people in security positions when companies pretend they magically got around an attack like thi

    • Or, you know, maybe they actually have a proper backup system in place?

      If the backup system is clearly append-only, and if they practice proper tape rotation, and they test the backups, there will be little bit lost here and there, but most of the disaster will be solved with just the IT department grumbling about the extra work.

      • That is what I don't understand. While it costs more money, an append-only backup system does not have to be that expensive to set up and run properly. Any ransomware dies against such a setup. On the other hand, after watching people lose months' worth of data just because the backup system was cheap and handled wrong, I don't have much hope in a proper system being set up in the first place.
    • Reading between the lines:

      Or you could just read the last line where the hacker said they got nothing. But that's not as fun. Let's go back to reading between the lines: This is just an attempt by Joe Biden to cut off Trump's alcohol supply. Another example of external interference in our elections!

  • Finlandia is a brand of vodka produced in Finland from Finnish-grown six-row barley and glacial spring water. The barley is distilled into a neutral spirit using a continuous multi-pressure distillation system at a distillery in the village of Koskenkorva in Ilmajoki, operated by Finland's Altia Corporation and imported by Brown-Forman
