California-based IT solutions company Synoptek reportedly paid a ransom to regain access to its systems after a ransomware attack, according to KrebsonSecurity, which writes:
…Two sources who work at the company have now confirmed their employer was hit by Sodinokibi, a potent ransomware strain also known as “rEvil” that encrypts data and demands a cryptocurrency payment in return for a digital key that unlocks access to infected systems. Those sources also say the company paid their extortionists an unverified sum in exchange for decryption keys.
At the same time, Synoptek markets itself as an IT security provider, offering ISO 27001 auditing services as part of its “Virtual Chief Information Security Officer” service. Promotional materials for the “vCISO” service claim it “serves as an invaluable asset for your team to ensure the highest levels of security in terms of people, process, and technology.”
Elsewhere, the Synoptek website claims expertise in ISO standards:
Synoptek’s IT security assessment services provide a review of the health and maturity of any cybersecurity program and measure it against industry standards (NIST/CIS/ISO).
Implementing ISO 27001 is supposed to mitigate the risk of malware and phishing attacks (its Annex A includes controls for malware protection, backups, and security awareness training), so it is not clear how Synoptek can claim expertise in these areas and still have fallen victim to exactly such an attack. An ISO 27001 programme reduces the likelihood and impact of ransomware rather than eliminating it, but a firm selling that expertise should expect its own incident to be judged against the standard it audits others for.
It does not appear that Synoptek is, itself, certified to ISO 27001; offering ISO 27001 audit services is not the same as holding the certification.