Blog / London Drugs
Nobody Does Ransomware Better.
Okay, we admit that a headline making fun of their slogan is a bit of a low blow, but after their handling of a recent highly-publicized “cybersecurity incident,” the venerable Canadian pharmacy chain London Drugs kind of deserves it.
For those who may not have heard about it yet, the pharmacy chain temporarily closed all 79 of their locations last month after a successful cyberattack. Their initial public statement simply referred to a cybersecurity incident but the only kind of attack warranting that kind of response is ransomware.
Now, you might be tempted to think that because their response was extreme and quickly-executed, then London Drugs handled the incident well, but that’s only true to an extent. The details still demonstrate some of the unfortunate stubbornness by some businesses when it comes to being fully transparent about data breaches because London Drugs only admitted to the ransomware rumours after Lockbit, the ransomware gang responsible for the attack, outed their failure to pay to the media.
The problems don’t end there. There are two key issues with London Drugs’ response. First, there’s just no way the London Drugs IT team couldn’t identify the infamous Lockbit ransomware, and second, Lockbit always steals data as part of its attack.
So why didn’t London Drugs just come forward with these details from the beginning? Nothing needed to be kept secret. Rather than protect their company image, London Drugs likely damaged it in the process. It’s not just that they withheld information. It’s the fact that they didn’t have a good reason to which makes their response all the more baffling.
But before we go any further, let me point out that the FBI recently made several arrests, including the Lockbit gang’s kingpin, and ostensibly shutting down their operation. So out of fairness, isn’t it possible that London Drugs believed it was impossible for Lockbit to be behind the attack?
Well, no, frankly. While a lack of understanding by everyday users can be forgiven, any IT team worth their collective degrees understands that taking down people in the real world doesn’t stop malware once it’s been released on the internet.
Unfortunately for London Drugs, the court of public opinion doesn’t care about whether doubts are reasonable or not, and this seemingly minor cybersecurity incident could wind up costing them more than their temporary closure did.
If you’d like to work with an IT service provider that doesn’t just prioritize technical acumen but also transparency and trustworthiness, contact a TRINUS cybersecurity professional and we’ll be happy to help out with some stress-free IT.
Today’s quote comes from Richard III: “An honest tale speeds best being plainly told.”
Be kind to one another, courtesy your friendly-neighbourhood cyber-man.