On April 12, NCR, a prominent American software company specializing in developing technology and payment systems for the restaurant sector, announced that it was investigating an issue associated with its Aloha restaurant point-of-sale (PoS) system. This system is widely used by restaurants throughout the United States to manage daily operations, such as payment processing. However, it soon became apparent that the issue was caused by a ransomware attack, which impacted certain cloud-based systems and resulted in limited functionality for certain restaurant administrative tasks. In this article, we will review and update the latest developments on this cyber attack and provide some safety tips to help protect against ransomware attacks.
On April 15, the company provided an update stating that a small number of supplementary Aloha applications used by some of its hospitality clients had experienced a service interruption due to a ransomware attack at a data center in Aloha, Hawaii. The company confirmed that the service disruption was caused by a ransomware event on April 13, and promptly informed its customers, enlisted the assistance of third-party cybersecurity specialists, and initiated an investigation. Law enforcement authorities have also been notified.
The attack affected some of NCR's cloud-based systems, resulting in limited functionality for certain restaurant administrative tasks. Although the affected restaurants were still able to serve their customers, some features were not functioning as expected. NCR is working tirelessly to restore its services for its customers, and is offering personalized assistance and alternative solutions to help them manage their operations as they work towards a complete recovery.
The BlackCat ransomware group initially claimed responsibility for the attack on their Tor-based data leak website, which presently includes over 300 targets. However, the announcement was subsequently deleted. This implies that negotiations may have begun, and the hackers could be seeking payment for the ransom.
According to the company, the cyberattack did not compromise any of its customers' networks or systems. NCR has also stated that it is currently engaged in simultaneous efforts to establish substitute functionalities for affected customers, completely recover impacted data and applications, and strengthen its cybersecurity measures.
To protect against ransomware attacks, it is recommended to keep software updated, use strong passwords, and enable multi-factor authentication. As a business owner, it is essential to keep your business safe from cyber threats. Armoryze offers Managed Detection and Response services to protect businesses by monitoring their systems 24/7, detecting threats, and responding quickly to any incidents. Schedule a complimentary call with us today to learn how we can help safeguard your business from ransomware attacks and other cyber threats. Don't let hackers ruin your business – take action now.