IT giant restores systems after ‘malware attack’ crippled operations

A New Jersey-based IT giant fully restored its systems following a wide-ranging incident that they referred to as a “coordinated and professional malware attack.”

SHI, which has 5,000 employees and $12 billion in revenue in 2021, did not respond to requests for comment about whether it was a ransomware attack or whether they paid a ransom in an effort to recover from the attack quicker. 

In a blog post, SHI said that as of 8 a.m. on Monday, the “vast majority of SHI’s internal and external-facing systems are fully operational.”

“Customers can now log in to their accounts on shi.com (enhanced security protocols are in place) and can resume placing and tracking orders,” the company said. 

The company is a large provider of IT products and services, with 15,000 customers across the U.S., UK, Canada, France, Singapore and Hong Kong.

SHI is like Amazon for companies to order hardware and software. Why are they down in the middle of the day? pic.twitter.com/i889SV4TpX

— Derek Abdine (@dabdine) July 5, 2022

SHI is now in the process of getting caught up on all of the tasks that were left in limbo after the incident began during the July 4 weekend. Dozens of customer took to social media to complain about the lack of responses from the company.

“All sales teams across SHI now have restored access to all systems necessary to help customers get quotes and pricing, place orders, and manage contracts,” the company said, adding that they “continue to bring more systems online in a carefully controlled manner.”

While SHI has denied repeatedly that no customer information was accessed, Horizon3ai cybersecurity expert Brad Hong said it will be interesting to see over the next weeks and even years what the true impact of the attack is on SHI, its confidential/proprietary data, and most importantly, its customers. 

“As the IT market consolidates, it's unlike any other industry in that the diversification of risk tolerances are unified into one and with it, the potential blast radius of a cyber-attack,” Hong said.  

The attack was discovered by the company’s security and IT team and some systems were taken offline, including SHI’s public websites and email. 

After notifying customers of the attack on July 6, SHI representatives said it contacted the FBI, the Cybersecurity and Infrastructure Security Agency and cybersecurity experts to investigate the incident. 

Dispersive Holdings CEO Rajiv Pimplaskar said the attack on SHI was a sobering reminder that supply chain attacks are escalating globally. 

“Apart from being a large enterprise, SHI is a major software and hardware provider to several Fortune 500 companies, and while there is no evidence regarding 3rd party suppliers getting breached or customer data getting exfiltrated, this is certainly too close for comfort for many of their customers,” Pimplaskar said.