Cleaning product manufacturer Clorox has confirmed significant operational disruption caused by a recent cyber-attack.
According to a notice published on the company’s website, the attack was detected on August 14, prompting Clorox’s IT team to take immediate action by halting suspicious activity and shutting down affected systems. As a precautionary measure, the compromised systems have remained offline until today to allow for enhanced security measures.
“Details into this incident are still emerging, so it isn’t clear what type of attack Clorox is facing. However, based on the information available, the company has taken certain systems offline to contain the incident. This could indicate the attack was ransomware, and Clorox is trying to prevent the malware from spreading onto other systems,” commented Jordan Schroeder, managing CISO at Barrier Networks.
“When it comes to ransomware, a common misconception is that organizations escape unscathed if criminals do not encrypt their data, but this is completely wrong. Even if data isn’t held hostage, organizations can still incur huge financial losses as a result of downtime and recovery,” Schroeder explained.
The cyber-attack has disrupted Clorox’s manufacturing and distribution processes, affecting its ability to fulfil orders and maintain normal operations. The company has activated its business continuity plans to mitigate the impact and ensure its products remain available to consumers.
“When it comes to defending against this, organizations must have contingency plans in place so they can avoid taking systems offline. A key part of this all comes down to network segmentation, which allows an organization to shut down an infected part of a network without it impacting other environments or operations,” Schroeder added
Clorox is actively investigating the incident to determine the nature and extent of the breach. While the timeline for the complete restoration of services remains uncertain, the company has established a dedicated communication channel to keep customers, suppliers and the public informed about recovery efforts.
“The Clorox Company recently identified unusual activity on our IT systems. Upon detection, we immediately took steps to stop the activity and took certain systems offline. While we are working diligently to respond to and address this issue, these systems will remain offline out of an abundance of caution, as we work to add additional protections and hardening measures to further secure them. As a result, some operations are temporarily impaired. We are following our business continuity plans and implementing workarounds where possible,” the company said in a statement received by Infosecurity.
“The investigation into the nature and scope of the incident remains ongoing and is in its very early stages. Our team is working diligently to restore systems safely and quickly, and we will ensure all suppliers and customers are updated as appropriate.”
Editorial image credit: calimedia / Shutterstock.com