Bay & Bay hit with Ransomware 2nd time
Trucking and logistics company Bay & Bay Transportation based out on Minnesota’s IT systems started acting up and soon became apparent that the cause was something familiar and alarming: a ransomware attack. Conti gang was the culprit this time
Hackers had deployed malware to encrypt data on the company’s systems. The company had been down this road before. A ransomware attack in 2018 crippled its systems and led the company to pay the criminals.
The good part of it is we have a lot better tools, systems and processes than we did three years ago, but we knew it was bad because the spread was more heinous than the other one. Bay & Bay spokes person.
Ransomware only impacted some of its systems and a small minority of desktop computers, but that everything was shut down as a precaution. The company, had measures in place to minimize the impacts, including network segmentation. 90% functionality within about a day in a half.
Criminals exploited vulnerability in server
Bay & Bay, which has a fleet of over 400 power units, disclosed the attack after Conti began posting data stolen from the company to the dark web. Groups like Conti typically do this after victims refuse to pay their ransom demands.
In contrast to its response to the attack in 2018, Bay & Bay refused to pay. It’s in a better position to recover on its own instead of paying the criminals for the key to decrypt its data.
Bay & Bay engaged third-party cybersecurity experts shortly after the attack and notified law enforcement. A forensic investigation is underway to determine how the attack occurred and the extent of any data breach.
“Critical patches are critical for a reason,” need to be patched at right time to keep thing right