Diamond Comic Distributors has reported it had suffered a ransomware attack that temporarily took down the company’s website and disrupted its ability to process customer orders.
Diamond Comic Distributors is a top middleman for transporting Marvel, Dark Horse, and Image comics and graphic novels to retail stores, so the disruption risks impacting numerous global markets.
Looking at this less than amusing comic caper for Digital Journal is Troy Gill, Senior Manager of Threat Intelligence at Zix | AppRiver.
Gill begins by looks at the nature of the attack: “Ransomware is a costly and destructive threat to organizations. With the increasing rate of ransomware attacks, it isn’t matter of if an organization will experience an attack, but when.”
With the specific incident, Gill finds: “Unfortunately for Diamond Comic Distributors, they learned that a ransomware attack can have significant impact on a company’s ability to continue normal operations and distribute product, especially compounded with increasing supply chain issues.”
Gill says that there are lessons to be learned across the business world stemming from this attack, observing: “While the details of the attack have not been disclosed, this is a great reminder for companies to examine their email security solutions. Organizations can improve their security posture by deploying an email security solution that’s capable of scanning incoming email messages for phishing campaign patterns, malware signatures, and other threat indicators—all while allowing legitimate correspondence to reach its intended destination.”
In addition, Gills say to utilizing outside security services “Companies need to educate employees on security best practices to help maintain the integrity of the organization including encouraging employees to flag suspicious messages and attachments received via email.”
In terms of focused measures, Gill recommends: “Organizations should make sure they are following security best practices including implementing and enforcing two-factor authentication (2FA) or a multi-layered authentication (MFA) protection.”
Furthermore, to be even safer Gill says: “Companies should also deploy regular security audits to identify vulnerabilities and suspicious user behavior and ensure business-critical data is being backed up accurately and regularly. It is a company’s responsibility to have best proactive and reactive security measures in place so that when faced with a cybersecurity breach, an organization can reduce the recovery time and restore business quickly.”