Fisher & Paykel Appliances appears to be the latest company to be hit by ransomware attack.
F&P Appliances spokesman Andrew Luxmore said, "Early last week, Fisher & Paykel experienced a cyber-attack which has impacted our manufacturing and distribution."
"Nefilim" ransomware - or the same used in the recent Toll Group attack - was employed by the hackers.
• Toll says data stolen in second ransomware attack within months
• Air NZ service provider Travelex held to ransom by hackers demanding $8.5m
• Cyber attack at Lion brewery disrupts supply of beer
"The attempt was identified quickly and, as a result, we locked down our IT ecosystem immediately. We are currently working with third-party experts to restore our systems and our ability to take and fulfil orders, as well as introducing additional security measures," Luxmore says.
It’s a terrible time. I ordered my dishwasher a week ago and they still can’t tell me when it’ll arrive— Andrew Perry (@AndrewPerryNZ) June 10, 2020
"We are one of many businesses that have been the subject of a global cyber-attack in recent months, and we are working closely with other businesses to understand how we can better protect ourselves from this type of criminal activity."
An anonymous tip-off to the Herald said the company's network had been compromised by ransomware attacker. The company's switchboard still directs callers to its website due to "system issues."
The Auckland-based whiteware giant, owned by China's Haier, had no immediate comment on whether a ransom demand was involved.
F&P Appliances joins several high-profile targets over recent months, including Toll Group, which has suffered two major attacks, BlueScope Steel and an attack on Honda's global operations today which some commentators say bears the hallmarks of a ransomware attack.
Founders sell shares as AFT raises $10m, dangles dividend
Lion was hit by a major cyber attack yesterday, but this morning a spokeswoman could not confirm if it was a ransomware attack, where hackers freeze systems or steal data, then demand money for the return of files, or to hand back control.
"We are not yet in a position to comment," the spokeswoman said. "We have notified relevant authorities and our focus is on dealing with the issue and protecting our systems and our customers and suppliers."
"It will be interesting if it is ransomware, because we are seeing quite a lot of ransomware emails on the back of Covid-19, using it as a way to get people to click a link," Peter Bailey, GM of local security outfit Aura, told the Herald.
What to do if you're hit by ransomware
New Zealand businesses or individuals hit by a cyber-attack are advised to contact Crown agency CERT (the Computer Emergency Response Team) as their first step.
CERT acts as a triage unit, pointing people to the right law enforcement agency or technical contacts.
CERT director Rob Pope and police both advise against paying up on a ransomware demand, even if the sum involved is modest.
They say there is no guarantee that data will be returned, or unlocked. They also caution that while paying a small ransom can be convenient, the money can help fund Eastern European gangs who are also involved in the likes of drug and human trafficking.