{"id":21572,"date":"2023-03-27T16:10:24","date_gmt":"2023-03-28T00:10:24","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2023\/03\/27\/news-15303\/"},"modified":"2023-03-27T16:10:24","modified_gmt":"2023-03-28T00:10:24","slug":"news-15303","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2023\/03\/27\/news-15303\/","title":{"rendered":"Food giant Dole reveals more about ransomware attack"},"content":{"rendered":"<p>Fruit and vegetable producer&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/en.wikipedia.org\/wiki\/Dole_plc\" target=\"_blank\">Dole<\/a>&nbsp;has confirmed&nbsp;attackers behind&nbsp;its<a rel=\"noreferrer noopener\" href=\"https:\/\/www.dole.com\/en\/press\/2023\/dole-experiences-cybersecurity-incident\" target=\"_blank\">&nbsp;February ransomware attack<\/a>&nbsp;accessed employee data. The company hasn&#8217;t revealed the number of staff impacted.<\/p>\n<p>In an annual report&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/www.sec.gov\/Archives\/edgar\/data\/1857475\/000185747523000013\/dole-20221231.htm\" target=\"_blank\">filed<\/a>&nbsp;to the US Securities and Exchange Commission (SEC)&nbsp;last week, Dole said:<\/p>\n<blockquote>\n<p>&#8220;In February of 2023, we were the victim of a sophisticated ransomware attack involving unauthorized access to employee information. Upon detecting the attack, we promptly took steps to contain the attack, retained the services of leading third-party cybersecurity experts and notified law enforcement. The February 2023 attack had a limited impact on our operations.&#8221;<\/p>\n<\/blockquote>\n<p>&#8220;Limited impact&#8221; maybe, but&nbsp;<a href=\"https:\/\/www.cbsnews.com\/miami\/news\/cyberattack-on-food-giant-dole-temporarily-shuts-down-north-american-production\/\" target=\"_blank\" rel=\"noreferrer noopener\">according to CBS<\/a>, customers complained on social media about delays and shortages of Dole products on store shelves for more than a week. The company also&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/edition.cnn.com\/2023\/02\/22\/business\/dole-cyberattack\/index.html\" target=\"_blank\">temporarily<\/a>&nbsp;shut down production plants in North America and stopped delivery to stores.<\/p>\n<p>Stewart&#8217;s Food Store in Texas was prompted by querying customers to post&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/www.facebook.com\/permalink.php?story_fbid=pfbid04JZpK7JpQ57dmUvu8DFPo2WXxeQC5H9onMpvKiycVr2aHgwQYLsy6Qt983BKVUexl&amp;id=100063639997295&amp;__cft__[0]=AZXjUyI3dczJZzc33R9LM7T2BfAdyR_eBb12NUulT8GE7hi8tFMd_Nc3PVxbL-j-4_Lx9w60uB2AOpL6G1kp5APe3KiIE1T000iRFtOZdtrshmIdGn526STbG1zi8rlq5qw4mRejYCJ_2WN3nW-W7WJN9PcwFDrBVBpLUCMAv5SWY0nWjJqXeWulRsloLi_1ZpourTiXZyS0SPELmja7rXPB&amp;__tn__=%2CO%2CP-R\" target=\"_blank\">the memo<\/a>&nbsp;it received from Dole on social media.<\/p>\n<p style=\"text-align: center;\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/03\/easset_upload_file42382_262529_e.jpg\" alt=\"\" width=\"828\" height=\"608\" \/><br \/>The Dole memo Stewart&#8217;s received and posted on its Facebook Page. (Source:&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/www.facebook.com\/photo.php?fbid=643033037828024&amp;set=a.473292448135418&amp;type=3&amp;theater\" target=\"_blank\">Stewart&#8217;s<\/a>)<\/p>\n<p>It isn&#8217;t clear how long the company had to keep production offline. The company has also declined to comment when pressed for more details about the ransomware attack. When asked if it can recover the disruption cost through supplier recovery or insurance coverage, CEO Rory Byrne&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/www.cybersecuritydive.com\/news\/dole-recovery-ransomware-attack\/644445\/\" target=\"_blank\">said<\/a>, &#8220;I suppose the simple answer on that is no we don&#8217;t expect to recover on either of those categories.&#8221;<\/p>\n<p>Byrne adds that getting insurance in North America now&nbsp;is &#8220;prohibitive.&#8221;<\/p>\n<p>Dole employs more than 35,000 staff worldwide across 75 countries. It reports a $9.3B revenue for 2022 after being acquired by Total Produce, creating Dole PLC&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/www.totalproduce.com\/history-growth\/\" target=\"_blank\">in 2021<\/a>.<\/p>\n<h2>How to avoid ransomware<\/h2>\n<ul>\n<li><strong>Block common forms of entry<\/strong>. Create a plan for <a href=\"https:\/\/www.malwarebytes.com\/business\/vulnerability-patch-management\">patching vulnerabilities<\/a> in internet-facing systems quickly; disable or <a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2022\/03\/blunting-rdp-brute-force-attacks-with-rate-limiting\">harden remote access<\/a> like RDP and VPNs; use <a href=\"https:\/\/www.malwarebytes.com\/business\/edr\">endpoint security software<\/a> that can detect exploits and malware used to deliver ransomware.<\/li>\n<li><strong>Detect intrusions<\/strong>. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use <a href=\"https:\/\/www.malwarebytes.com\/business\/edr\">EDR<\/a> or <a href=\"https:\/\/www.malwarebytes.com\/business\/managed-detection-and-response\">MDR<\/a> to detect unusual activity before an attack occurs.<\/li>\n<li><strong>Stop malicious encryption<\/strong>. Deploy Endpoint Detection and Response software like <a href=\"https:\/\/www.malwarebytes.com\/business\/edr\">Malwarebytes EDR<\/a> that uses multiple different detection techniques to identify ransomware, and ransomware rollback to restore damaged system files.<\/li>\n<li><strong>Create offsite, offline backups<\/strong>. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.<\/li>\n<li><strong>Don&rsquo;t get attacked twice.<\/strong> Once you&#8217;ve isolated the outbreak and stopped the first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.<\/li>\n<\/ul>\n<hr \/>\n<p dir=\"ltr\">Malwarebytes removes all remnants of ransomware and&nbsp;prevents&nbsp;you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.<\/p>\n<p style=\"text-align: center;\"><span class=\"blue-cta-bttn\" style=\"background-color: #0d3ecc; line-height: 50px; padding: 0 20px;\"><a href=\"https:\/\/www.malwarebytes.com\/business\/contact-us\/\">TRY NOW<\/a><\/span><\/p>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/03\/food-giant-dole-reveals-more-about-ransomware-attack\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<table cellpadding=\"10\">\n<tr>\n<td valign=\"top\" align=\"left\">\n<p>Categories: <a href=\"https:\/\/www.malwarebytes.com\/blog\/category\/news\" rel=\"category tag\">News<\/a><\/p>\n<p>Categories: <a href=\"https:\/\/www.malwarebytes.com\/blog\/category\/ransomware\" rel=\"category tag\">Ransomware<\/a><\/p>\n<p>Tags: Dole<\/p>\n<p>Tags:  ransomware attack<\/p>\n<p>Tags:  data breach<\/p>\n<p>While Dole hasn&#8217;t said a lot about the February ransomware incident, it has revealed threat actors accessed employee data.<\/p>\n<table width=\"100%\">\n<tr>\n<td align=\"right\">\n<p><b>(<a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/03\/food-giant-dole-reveals-more-about-ransomware-attack\" title=\"Food giant Dole reveals more about ransomware attack\">Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/03\/food-giant-dole-reveals-more-about-ransomware-attack\">Food giant Dole reveals more about ransomware attack<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/www.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[11172,1322,32,3765,20486],"class_list":["post-21572","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-data-breach","tag-dole","tag-news","tag-ransomware","tag-ransomware-attack"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/21572","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=21572"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/21572\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=21572"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=21572"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=21572"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}