Shipping giant refuses to pay hackers ransom after data stolen

Clarksons, the global shipping firm, has turned the tables on criminal hackers who attempted to extort a ransom payment after stealing confidential information from the company’s network.

The business, which is thought to have suffered a breach at the hands of hackers earlier this month, has warned that the hackers may release some of the stolen data – but that it refuses to give in to blackmail.

Details of the quantity and precise nature of the stolen data have not been made public by Clarksons, but in a statement (PDF), the FTSE 250 company apologised to clients, shareholders, and staff for any concern that the breach may cause them – and said that it was in the process of contacting affected individuals and clients directly.

According to the statement, Clarksons presently believes that the hacker gained unauthorised access to its computer network after compromising the account of a “single and isolated user.” That account has now been disabled by the firm, and “additional security measures” have been put in place to prevent similar attacks in future.

The description of the means by which a hacker or group of hackers gained access to Clarksons’ systems makes me think that the attack may not have exploited a software vulnerability, but rather that a legitimate account holder had their login credentials compromised.

The all-important usernames and passwords that protect so many sensitive accounts are no defence at all if a user has made the mistake of reusing passwords in multiple places, has chosen an easy-to-crack or easy-to-guess password, or is duped into falling for a phishing attack or installing keylogging malware.

That’s one of the reasons why more and more companies are waking up to the importance of incorporating additional levels of authentication (such as two-step verification) and IP lookups to reduce the likelihood of malicious logins.

Clarksons says it has, quite rightly, informed the police about the attack, and is accelerating the roll-out of additional security measures. Furthermore, Andi Case, CEO of Clarksons, shares some admirable sentiments:

“We hope that, in time, we can share the lessons learned with our clients to help stop them from becoming victims themselves. In the meantime, I hope our clients understand that we would not be held to ransom by criminals, and I would like to sincerely apologise for any concern this incident may have understandably raised.”

written by Graham Cluley, ESET We Live Security

