At least we know Cadbury's Claremont factory is clean

Production at Cadbury’s factory in Claremont, Tasmania, stopped at 9.30 pm last Tuesday and on Wednesday staff were put on cleaning and general maintenance duties while IT staff tried to unblock their computer system and access their files.

The computer and touch screens around the highly automated plant all featured a black screen, reminiscent of old-school DOS screens, and text advised that files would be made available after the payment of $300 worth of Bitcoins. (At least it wasn’t 300 Bitcoins which would be worth more than a million Australian dollars).

It is thought that the plant was infected with the Goldeneye variant of the Petya encryption virus when a phishing email with a .doc attachment was opened. Companies with industrial controlled devices running on a specialised code are apparently most likely to fall prey to this virus.

All computer experts recommend that ransoms should not be paid, that police should be notified and companies should ensure that their computer security systems are up to date.

However, at $300/computer, many manufacturing companies would find it much faster and more economical to pay the fine and restore production. Sadly, this means the cyber-extorters win and the rate of deployment of such attacks will increase.