Big Canadian restaurant chain Recipe Unlimited was hit by a cyberattack on September 28, 2018. According to a statement made by the company, “a limited number of Recipe Unlimited restaurants are currently experiencing a partial network outage. Only certain restaurants under the Swiss Chalet, Harvey's, Milestones, Kelseys, Montana's, Bier Markt, East Side Mario's, The Landing Group of Restaurants and Prime Pubs brands have been impacted.” The impact included several restaurants having to close, and several more not being able to process electronic credit card and debit card transactions.
What’s troubling about the attack is the downplaying of the issue. According to Recipe Unlimited, it was a malware attack. According to the CBC, the attack was ransomware, the CBC has even published an excerpt of the ransom note. The fact of the matter is, there are going to be financial losses associated with the restaurant closers. In addition, there could be an impact if consumers lose faith in the organization. Several employees the CBC spoke to are also worried about their personal data being hijacked: "There's no communication as far as what these people have and what they're doing with it," said one worker. "Do we need to be contacting our banks and stuff like that?" While it’s still too early to tell what information may have been breached, or how much revenue Recipe Unlimited will lose as a result, it is clear that a ransomware attack could cost your business dearly.
So what should you do to prevent a ransomware attack? Train employees to detect suspicious emails and to not click on links or attachments from untrusted sources. Keep your software up-to-date by applying patches on a regular basis. It also goes without saying that the security software you use must also be kept as current and up-to-date as possible to detect viruses and malware. Always maintain back-ups of your data, so you can always restore from a back-up if necessary. And in the event you are hit with a ransomware attack, don’t pay the ransom! Having your back-ups will ensure you don’t need to pay. As well, once you’ve paid an attacker once, said attacker may look to target you again in the future (as they know you will pay).