E-readers may be convenient, but the reading of online material is not immune from cyberattack. This is demonstrated by a collection of European bookstores being forced to take their IT infrastructures offline after a ransomware attack.
The incident happened after a ransomware attack crippled the IT systems of TiteLive, a French company that operates a SaaS platform for book sales and inventory management.
Currently, it is unknown which group is behind the attack or what kind of data has been compromised. However, what is clear is that employees have been forced to track sales and inventory with Excel sheets and pen and paper for the last few days.
How will the situation play out? The bookstores have stated that they do not plan on paying the “huge” ransom. Of course, this may change.
Providing analysis for Digital Journal is Nick Tausek, Security Solutions Architect at Swimlane.
Tausek says that the latest cyber-incident needs to be considered in terms of scale and in doing so the potential risk is cascading downwards.
Tausek’s contextualization runs: “While malicious cybercriminals continue to target large corporations, this attack on European bookstores proves that smaller businesses are at risk as well: No company is truly safe.”
Describing the specific incident, Tausek finds: “In this case, the bookstores’ IT infrastructure was shut down for several days, forcing employees to track sales and inventory through less reliable and accurate methods such as Excel spreadsheets and pen and paper.”
With the output from the attack, Tausek speculates: “Although we don’t know if any personally identifiable information has been compromised, we do know how severe the repercussions of these attacks can be regardless of the quality or quantity of at-risk information.”
Nonetheless there are measures that businesses of any size can consider. Tausek recommends: “To ensure data protection and the smooth running of day-to-day processes, organizations of all sizes must invest in the proper security systems to gain full visibility into their IT ecosystems.”
Furthermore the cybersecurity expert suggests: “Platforms that centralize and automate detection, response and investigation components help in identifying these threats and carrying out the proper response protocol, ultimately considerably limiting the chance of human error and ensuring valuable data and IT platforms remain protected.”