Ransomware attacks hit food service supply, industry giants forced to suspend operations

Catering service giant Edward Don was attacked by ransomware, which seriously affected the facilities that maintain normal business operations such as telephones, networks, and emails;

As a heavyweight distributor in the catering food service supply system, the fall of Edward Don will bring a heavy blow to the supply chain of restaurants, hospitals, hotels and bars.

Foodservice giant Edward Don suffered a ransomware attack that forced the company to shut down parts of its network to prevent the offensive from spreading.

Edward Don and Company is one of the world’s largest distributors of foodservice equipment and supplies, covering kitchen supplies, bar supplies, tableware and kitchenware.

Earlier this week, Edward Don was hit by a ransomware attack that severely affected the phone system, network and emails that keep the business running.

Due to an outage in email service, company employees were forced to use Gmail accounts to communicate with customers about urgent orders and specific deliveries.

Edward Don has not disclosed the incident publicly, but several employees said they were unable to receive new orders until the system was back online.

As a heavyweight distributor in the food service supply system, the fall of Edward Don will deal a heavy blow to the supply chain of restaurants, hospitals, hotels and bars.

We have reached out to Edward Don for confirmation on this matter, but there was no immediate response.

Qbot Trojan Horse Found on Edward Don’s Intranet

It is unclear which ransomware group the attack originated from.

But Vitali Kremez, CEO of security firm Advanced Intel, said in an interview that based on their malicious visibility analysis, Edward Don was most likely infected with Qbot malware.

Qbot is known to act in tandem with ransomware, enabling it to gain remote access to infected networks. Ransomware gangs then spread laterally through this remote path, stealing data, and ultimately deploying ransomware to lock down the device itself.

Ransomware gangs such as ProLock and Egregor have used Qbot in the past. After that, the REvil ransomware gang took over the “flag” of Qbot.

Over the past few months, ransomware has wreaked havoc on critical infrastructure and supply chains across the U.S., with victims including Colonial Pipeline and food processing giant JBS.

Colonial Pipeline paid DarkSide $4.4 million in ransom, and JBS handed over $11 million to REvil.

 

The Links:   TDA1553Q M170EG01-V2