SHI Recovering from, Still Investigating July 4 Weekend Malware Attack

One cybersecurity source said it will be interesting to see the true impact of this attack.

Edward Gately, Senior News Editor

July 11, 2022

2 Min Read
Malware
Shutterstock

SHI International says its internal- and external-facing systems are fully operational after a “professional malware attack” over the July 4th weekend.

On July 6th, SHI said it was the target of a coordinated and professional malware attack.

“Thanks to the quick reactions of the security and IT teams at SHI, the incident was swiftly identified and measures were enacted to minimize the impact on SHI’s systems and operations,” the company wrote in a blog.

SHI took some systems, including public websites and email, offline as the investigation continued.

On July 6, SHI staff regained access to email. In addition, IT teams worked on bringing systems back to full availability in a secure and reliable manner.

Continuing SHI Malware Attack Investigation

“While the investigation into the incident is ongoing – and SHI is liaising with federal bodies including the FBI and CISA – there is no evidence to suggest that customer data was exfiltrated during the attack,” the company said.

SHI also said the malware attack didn’t impact any third-party systems in its supply chain.

Customers can now log into their accounts on shi.com, with enhanced security protocols, and can resume placing and tracking orders.

“The security and integrity of SHI’s systems … is paramount to SHI,” it said. “And we continue to bring more systems online in a carefully controlled manner.”

SHI reported $12.3 billion in revenue in 2021 and has 15,000 customers globally.

Just a Matter of Time

Brad Hong is customer success manager at Horizon3ai. He said the attack didn’t surprise him. IT vendors and consultants are a leading source for attackers to pivot into corporate organizations.

Hong-Brad_Horizon-AI.jpg

Horizon3ai’s Brad Hong

“It happened at Target, at Morley, and most recently, an increase in a targeted effort towards telehealth providers,” he said.

Hong said it will be interesting to see the true impact of the attack on SHI, its confidential/proprietary data and its customers.

“It is now more important than ever for SHI to take on the responsibility of finding any remaining backdoors or persistent code, fix and patch them, and subsequently spend the energy to run frequent pen tests to not only test resiliency, but also to verify remediation of the attack in question,” he said.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.

Read more about:

MSPsVARs/SIs

About the Author

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like