‘This [attack] confirms above anything else that every client of every size needs to be vigilant. I’m not saying Ingram wasn’t, but this is why we do what we do for our clients,’ says Mark Essayian, president of KME Systems.
Ingram Micro has restored all business operations around the globe after it suffered a ransomware attack last week.
In a statement posted to its information page regarding the attack, the Irvine, Calif.-based distributor stated Wednesday night that it is “pleased to report that we are now operational across all countries and regions where we transact business.
“Our teams continue to perform at a swift pace to serve and support our customers and vendor partners,” the statement continued. “We are grateful for the support we’ve received from our customers and industry colleagues. This is an industry based on strong and committed relationships that make all the difference.”
The Safepay ransomware organization is responsible for the attack, according to Bleeping Computer. Ingram Micro proactively took its systems offline ahead of the July 4 weekend and restored systems through a layered approach throughout this week.
The cyberattack underscores the complexity of today’s threat environment in which even the most robust preparations can be challenged by persistent adversaries.
[Related: Ransomware Volume Drops Even As Number Of Active Groups Surges: GuidePoint Security]
“You can run all your tabletop exercises and disaster recovery drills, but until you actually go through it, there’s always something new to learn,” Guy Baroan, president of Elmwood Park, N.J.-based Baroan Technologies, told CRN. “What really matters is how quickly and properly they brought back systems back online. That shows how prepared they really are.”
While Ingram Micro’s systems were down, Baroan implemented contingency plans and worked with a secondary distributor to fill urgent client needs.
“This is just the state of the state,” he said. “Every firewall, every remote access device has software. Every software update could be a new vulnerability. It’s a constant cat-and-mouse game.”
He said the attack is a “stark reminder” that even the most secure companies are not impervious to attacks. As MSPs increasingly rely on an interconnected ecosystem of vendors, a single vulnerability can have rippling effect, he added.
“It’s not about being too big or thinking it’ll never happen to you,” he said. “It’s just not true. Anyone can get hit anytime. And the cybercriminals aren’t stopping.”
But with transparency, collaboration and the right recovery process, Ingram Micro, and any organization facing a similar crisis, can emerge stronger, he said.
“In a few months, we’ll be looking at Ingram as an even better, more resilient company,” Baroan said. “Because that’s what happens when you face something like this head-on and with integrity.”
Mark Essayian, president of Irvine, Calif.-based KME Systems, said that Ingram Micro’s investment in education, support and speed of business has “fundamentally changed” his expectations of the distributor over the years.
“Now people were mad if they couldn’t get something in three seconds. That tells you how successful their platform has been,” he told CRN.
While inconvenient, Essayian echoed Baroan’s sentiment in that the ransomware attack serves as a reminder of the cybersecurity risks even large corporations face.
“This [attack] confirms above anything else that every client of every size needs to be vigilant,” he said. “I’m not saying Ingram wasn’t, but this is why we do what we do for our clients.”
