Ransomware continues to ravage the world.
One of the latest victims is Pitney Bowes, the technology company known for its postage meters and shipping and e-commerce services. It has clients around the world, including 90 percent of the Fortune 500.
Cyberattack at Pitney Bowes: what happened?
The company posted a morning update about a cyberattack with limited details it is sharing right now. Here's a look:
"Pitney Bowes was affected by a malware attack that encrypted information on some systems and disrupted customer access to some of our services. At this time, the company has seen no evidence that customer or employee data has been improperly accessed.
Our technical team is working to restore the affected systems, and it is working closely with third-party consultants to address this matter. We are considering all options to expedite this process and we appreciate our customers’ patience as we work toward a resolution."
The organization also offered a few more details about its incident response in the cyber incident notice FAQ section:
"Upon discovery of the cyberattack, we immediately assembled our Enterprise Outage Response Team to address the situation."
So it sounds like the company had an incident response plan ready to go.
[What is a key factor in the success of incident response? Listen to cyber attorney Shawn Tuma explain in this SecureWorld Sessions podcast.]
Pitney Bowes cyberattack: services impacted
Although some services are operating trouble-free, the impact of the attack on Pitney Bowes is far-reaching, according to its system update.
- Fulfillment, Delivery, and Returns clients were impacted
- Presort services were impacted
- Software and Data Marketplace downloads are unavailable
- Your Account and some of the product support pages are unavailable
- Clients are unable to refill postage or upload transactions on their mailing machine
- SendPro Online in the UK and Canada
- Your Account and the Pitney Bowes Supplies web store cannot be accessed. This in turn impacts clients subscribed to AutoInk and our Supplies App.
Ransomware attacks: 'heavily weaponized'
Some variants of ransomware were crude when launched, but the sophistication level has continued to increase.
Chris Morales, Head of Security Analytics at Vectra, puts it like this:
"Modern ransomware has been heavily weaponized, has a sweeping blast radius, and is a staple tool in the attacker's arsenal. In a call to arms, cloud and enterprise organizations everywhere are scrambling to detect and respond early to ransomware attacks.
Attackers can cause significantly more damage and make far more money by encrypting multiple file servers and databases. The best form of protection is to identify the early signals of an attack before the ransomware starts encrypting network file shares."
We'll update this story with new information when we have it.
[RELATED: Doctors Quitting Due to Ransomware Attacks]
