California-based IT solutions company Synoptek admitted it paid a ransom to unlock its servers after a malware attack, according to KrebsOnSecurity, which reports:

…Two sources who work at the company have now confirmed their employer was hit by Sodinokibi, a potent ransomware strain also known as “rEvil” that encrypts data and demands a cryptocurrency payment in return for a digital key that unlocks access to infected systems. Those sources also say the company paid their extortionists an unverified sum in exchange for decryption keys.

At the same time, Synoptek claims to be an IT security firm, offering ISO 27001 auditing services as part of its “Virtual Chief Information Security Officer” service. Promotional materials for the “vCISO” service claim it “serves as an invaluable asset for your team to ensure the highest levels of security in terms of people, process, and technology.”

Elsewhere, the Synoptek website claims expertise in ISO standards:

Synoptek’s IT security assessment services provide a review of the health and maturity of any cybersecurity program and measure it against industry standards (NIST/CIS/ISO).

Implementation of ISO 27001 is supposed to mitigate the risks of malware and phishing attacks, so it is not clear how Synoptek can claim expertise in these areas and still have fallen victim to them.

It does not appear that Synoptek is, itself, certified to ISO 27001.

