VetEnt hit by cyber ransomware attack
It was back to pens and paper this week at VetEnt, whose 22 clinics nationwide were victims of a cyber-attack demanding a large amount of bitcoin.
The ransomware attack happened at 11pm on Saturday and was discovered by staff the next morning.
Ransomware is a type of malicious software that blocks or threatens to destroy a victim’s data unless a ransom is paid. It can be accidentally downloaded from emails or messages, or a person can be persuaded to download it.
The attack on VetEnt blocked access to the clinics’ files, email accounts and customer databases.
Marketing coordinator Anita Burton says a large number of bitcoin was being demanded with no guarantee the data could be recovered even if paid. VetEnt did not pay the hackers. “From what I understand, even when those ransoms are paid, getting data back is sometimes unlikely,” she says.
“In this case, the data has not been taken but the malware was blocking us from accessing it.”
Anita says VetEnt has managed to secure its data and is now rebuilding its software.
“We have recovered the vast majority of our information and been able to avoid the horrible prospect of giving money to criminals.”
It is business as usual for the veterinary chain, with systems expected to return online in the next few days.
“It will take time to get the business back online, and systems will come back in stages rather than all at once.”
The clinic is delivering the same services using a manual route, with landlines for phone calls, and pens and paper for appointments until access is restored.
Those who already had an appointment should attend as usual.
“We want to reassure all of our clients that we are working non-stop to regain access, and that client and patient data is safe.
“Their data, and the data of their pets and livestock, is our first priority.”
“We are proud of our teams for carrying out the same wonderful service they always do, and for taking the makeshift changes in their stride.”
“We’d like to thank all of our clients for their kind words of support and patience over the last few days. We still don’t have access to email, so we ask all clients to please call their clinic for now.”
Cyber security agency Cert NZ recommends businesses do not pay ransoms.
Operations manager Declan Ingram says there is no guarantee you will get your files back.
“If the files are returned, they may be infected with further types of malware that could infect your system.”
“If a business has paid a ransom and received their files back, it’s important that they have the computer professionally inspected by an IT expert to determine if the attacker has planted any other malware on the computer, or if the attacker has created another way to access the computer and the business’ data.
“They should also work with the professional to identify how the ransomware got onto the computer in the first place to prevent it from happening again.”
He says ransomware is easier dealt with by prevention instead of cure.
“Protecting your business from ransomware is a matter of following simple steps, like having good backups and keeping software and operating systems patched and up-to-date.”