Pitney Bowes and Groupe M6 join ransomware’s victim list

For what seems like the umpteenth time this year, a big company has found itself struggling after a ransomware attack.

The victim this time is US mailing services company, Pitney Bowes, which made an announcement to explain why a range of its services had been disrupted.

The company is famous for its franking machines but these days that physical function is integrated with larger tracking systems, which in turn tie into parcel delivery networks.

This means you can frank parcels but also know where they are. Currently, some of those services might be down, the company said, including SendPro products, postage refill, ‘Your Account’ access, and the ‘Supplies’ web store.

We don’t know which ransomware is involved, nor when the affected systems might return. The company offered this reassurance:

In consultation with our security advisors on this issue, we do not believe there are other client risks. We have seen no evidence that customer accounts or data have been impacted.

Groupe M6 and beyond

In a separate ransomware incident, French media company Groupe M6 was hit by an attack at the weekend that took down servers and phone lines.

Although the company appears to have suffered only mild disruption, at least one other company, TV station TF1, tweeted that it had stopped email communication with Groupe M6 for fear of the infection spreading.

Le Groupe #TF1 interdit à ses collaborateurs toute communication par mail avec le Groupe #M6 suite à la cyber-attaque. pic.twitter.com/Qz4v8Ur7wp

— 📁 Anaël (@anaelgr) October 14, 2019

Only days before that, US company Alphabroder was hit by Sodinokibi, a derivative of the GandCrab ransomware.

According to CNN, different layers of US government and healthcare have already seen 140 incidents of ransomware in 2019 to date.

Earlier this month, the FBI put out another of its pained alerts on ransomware, which advised victims not to pay the ransom to recover files. It said that not only does this not result in a usable key, but more generally, it just encourages the crooks:

Paying ransoms emboldens criminals to target other organizations and provides an alluring and lucrative enterprise to other criminals.

One recent prominent holdout was the city of New Bedford in Massachusetts, which publicly refused the attacker’s demand for Bitcoins equivalent to $5.3 million.

What to do?

Sadly, ransomware attacks show little sign of abating, and our usual anti-ransomware advice applies, including the rather obvious reminder that “the only backup you’ll ever regret is the one you didn’t make.”

In short:

• Patch early, patch often. Don’t make it easy for the crooks to get in through the back door.
• Pick proper passwords. Don’t make it easy for the crooks to get in through the front door.
• Use two-factor authentication. Lock the front door, and bolt it too.
• Make regular backups. Ransomware isn’t the only way you can lose your files, so don’t risk keeping only a single copy.
• Keep an off-site backup. Ransomware often tries to find and wipe out any online backups first – so offline backups are your backup’s backup.
• Think before you click. Never open attachments or click through to web links just because an email tells you to.
• Use an up-to-date anti-virus, web filter and exploit blocker. Ransomware that can’t run can’t even read your files, let alone overwrite them.

For more advice, please check out our END OF RANSOMWARE page.