Ransomware knocks global IT supplier offline
Add Axios as your preferred source to
see more of our stories on Google.
Illustration: Aïda Amer/Axios
Ingram Micro, a leading tech supplier for manufacturers and cloud providers, says it's made "important progress" as it recovers from a ransomware attack.
Why it matters: While not a household name, Ingram Micro works with thousands of companies, including major brands like Apple and Microsoft, to distribute hardware, software and other tech services.
- Outages could cause shipping delays, stall cloud services, and lead to further data breaches of customers' sensitive information.
Driving the news: After days of outages, Ingram Micro shared details about the ransomware attack in a statement Saturday night.
- The global IT distributor said hackers had taken some of its internal systems offline, and the company proactively shut down some other systems to contain the attack.
- "Ingram Micro is working diligently to restore the affected systems so that it can process and ship orders, and the Company apologizes for any disruption this issue is causing its customers, vendor partners, and others," the company said in the statement.
- The company also said Monday that it has started taking online subscription orders again, and it can now process orders via phone and email from customers across the U.K., Europe, South America and southeast Asia.
- "Some limitations still exist with hardware and other technology orders, which will be clarified as orders are placed," the company added.
Zoom in: Over the weekend, customers reported they were unable to place orders. The company's website went offline Thursday morning but came back online sometime yesterday.
- Customers have also complained on social media about emails to Ingram Micro account managers bouncing back, according to The Register.
- BleepingComputer reported that the hackers are using the relatively new SafePay ransomware strain, and employees opened their computers to ransom notes last week.
The big picture: Hackers often target third-party, behind-the-scenes companies like Ingram Micro because of the ripple effects just one incident can have.
- Not only will a company like Ingram Micro go dark, but its customers will also face the effects for weeks as the company works to come back online.
- That cascading effect could make companies like Ingram Micro more willing to pay a ransom to decrypt their systems or prevent the publication of any stolen customer data.
What to watch: Ingram Micro has yet to disclose how the hackers broke into its systems or which hacker group is behind the attack.
- The company is likely to share more details about the financial impacts of the incident with investors in the coming weeks.
