Arran Brewery hit by ransomware attack

  • Published
Ransomware attack conceptImage source, Getty Images

A Scottish brewery has warned other firms to stay alert after it fell victim to a ransomware attack.

Arran Brewery said it was locked out of its own computer system after being duped into opening an email attachment that contained a virus.

According to the firm, the culprits then demanded two bitcoins, worth a total of £9,600, to restore its system.

Arran said it declined to pay, despite losing three months' worth of sales data from one server.

The company added that it had since used an IT consultant to eliminate the virus, and it was working on restoring the lost data.

What is ransomware?

Ransomware involves computer viruses that threaten to delete your files unless you pay a ransom.

Like other viruses, it usually finds its way onto a device by exploiting a security hole in vulnerable software or by tricking somebody into installing it.

Arran Brewery managing director Gerald Michaluk described the attack as "very devious".

He said: "We advertise job vacancies on our website. One such job vacancy was for a credit control and finance assistant post, now filled.

"Out of the blue we started getting applicants for the post from all over the country and the world.

"I assumed one of my colleagues had advertised the post. However, this was not the case; the attackers had taken our website vacancy and posted it on some international jobs site.

"We were getting three of four emails a day, all with attached CVs. The virus was in amongst the genuine job seekers, and when the CV was opened it took effect."

He added: "I hope if anyone finds themselves in a similar position they can recognise the MO of these bandits and not have the same issues we have had."

'Don't pay ransom'

Gerry Grant, chief ethical hacker at the Scottish Business Resilience Centre, said ransomware remained a popular "attack vector" for criminals.

He said: "It can be very difficult to verify every single email that comes in but you should be suspicious about attachments from people you don't know or are not expecting.

"My advice to people is that they should not pay any ransom because there is no guarantee that those responsible won't ask you for more money even if you pay up.

"The best course of action is to contact the police and alert them to an attack.

"Firms should also make sure they have a plan in place if it happens so they don't run about in a panic."

'Potentially devastating'

Ch Insp Scott Tees, of Police Scotland's cyber crime prevention team, said: "Ransomware attacks can be very sophisticated and potentially devastating for individuals and small businesses.

"We would advise every computer user to ensure they're running the latest versions of security software, have their data backed up regularly to cloud services or devices not connected to their computer.

"Be extremely vigilant about opening any unsolicited email and visiting websites you are not familiar with.

"There is a lot of help available online including Police Scotland's website and www.getsafeonline.org, external."

Related internet links

The BBC is not responsible for the content of external sites.