Barnes & Noble in recent ransomware attack Special

Posted Oct 19, 2020 by Tim Sandle
Barnes & Noble may have suffered a recent ransomware attack. This news comes after it was revealed that the U.S. government took direct action to disrupt a botnet which has generally been used in ransomware attacks.
JHU Barnes & Noble Bookstore in 2008.
JHU Barnes & Noble Bookstore in 2008.
HopkinsDad (CC BY 3.0)
Barnes & Noble is a major U.S. bookseller that stocks over one million titles for distribution worldwide. In the digital age, this include e-books, which provide an alternative to paper books. The Barnes & Noble e-book reader is called the Nook.
According to Bleeping Computer, Barnes & Noble experienced a number of cross-media of outages. This led to some customers being unable to access their Nook libraries and other clients were unable to log in to the platform. Other issues reported included connectivity issues.
Behind this outage and loss of services was an apparent ransomware attack. System were restored two days later. According to ZDNet, the cause of the disruption was a ransomware attack.
Commenting on the incident for Digital Journal is Ben Goodman, CISSP and SVP, Global Business and Corporate Development, ForgeRock.
Goodman places the incident within the area of vulnerability afflicting digital retail services. Goodman notes: “With online shopping surpassing traditional brick-and-mortar in popularity right now, corporations must be extra cautious with their customers’ personal information as we have seen a drastic surge in cyberattacks this year."
Goodman also sees the issue are twinned with the advance of digital technology: "Prior to the pandemic, in Q1 2020 alone, the retail sector had over 400 million records breached – the second highest number of records impacted behind the healthcare industry. "
The analyst also says we can expect more of these types of attacks: "As these numbers only increase, it is up to retailers to minimize security risks that could not only harm their customers, but could also result in financial and reputational damages."
In terms of preventative actions, Goodman recommends: "Organizations can deploy customer identity and access management tools that will not only detect unusual behavior, but also ensure intelligent, contextual, and continuous security.”