Blue Yonder, a supply chain technology provider, has faced a ransomware incident. According to the organization, its managed services hosted environment experienced disruptions on November 21, 2024. These disruptions were determined to be the result of a ransomware attack. In response, Blue Yonder has enacted defensive and forensic protocols, including partnering with an external cybersecurity firm for recovery purposes. 

James McQuiggan, Security Awareness Advocate at KnowBe4, comments, “While it’s a bad day when a ransomware attack occurs within an organization, it illustrates that cybercriminals have been inside the network, data, and infrastructure for some time. While no one likes unwanted visitors in their homes, having cybercriminals sitting in the network is just as unnerving. 

“Organizations must prepare for these types of attacks and be fully aware of the steps they need to take to remove unwanted visitors and address data loss, breaches, or loss of trust with their clients or customers. Organizations must have a well-documented and reviewable Incident Response (IR) plan with regular testing, which provides the ability to address incidents and minimize damage and downtime. 

“As part of the IR plan, backup and recovery processes must be routinely tested and isolated from production environments to allow for rapid recovery and reduce the leverage of attackers demanding ransom.”