The Isle of Man Government’s Office of Cyber Security and Information Assurance (OCSIA) has issued advice following a suspected cyber-attack on the Ronaldsway-based Strix Group.
Over the weekend, Strix said it was recently the subject of a cyber incident ’of Russian origin’ to its business.
From research conducted by OCSIA, and information made publicly available, the ransomware used in the attack is believed to be a strain called Lockbit 2.0 and is commonly attributed to Russian speaking cyber criminals.
There is currently no evidence to suggest that the Russian state was in any way involved in this incident.
A Strix company spokesman said of the hack: ’On becoming aware of the incident, which mainly impacted Strix’s Isle of Man and UK servers, the Group immediately engaged external specialists and took precautionary measures with its IT infrastructure, including taking its systems offline whilst it investigated the nature and extent of the incident and implemented its business continuity plan.
’These systems are now restored and fully operational.
’There has been no impact on customer orders or sales, with all businesses within the group remaining operational.
’The company has also appointed cyber security experts to continue to monitor and support them with this incident as well as report on the attack and make recommendations to further enhance and refine their processes and procedures.
’These recommendations will be implemented.’
The spokesman added: ’The group is fully aware of its obligations and is working with its professional advisers, the police and relevant regulatory authorities and will provide further updates as and when appropriate.’
Given the current heightened tensions caused by the conflict in Ukraine, OCSIA took the opportunity to reiterate its advice for organisations to take steps to reduce the risk of falling victim of an attack, including:
l Patching systems
l Improving access controls and enabling multi-factor authentication
l Implementing an effective incident response plan
l Checking that backups and restore mechanisms are working
l Ensuring that online defences are working as expected
l Keeping up to date with the latest threat and mitigation information.
Employees should be aware of their role in keeping systems safe, including not clicking on suspicious links, reporting suspicious emails and taking care when working remotely.
Having secure computer systems is only one part of effective preparation against a cyber-attack.
All organisations should be prepared for a systems outage with a plan for how they would continue to operate.
Further advice is available at www.ocsia.im.