Colorado Timberline Abruptly Closes, Cites Ransomware Attack

Colorado Timberline, the supplier based in Denver, posted an announcement on its website yesterday announcing that the company was closing abruptly. Here's the full text of the message:

Dear valued customers and suppliers of Colorado Timberline:

It is with great difficulty and a heavy heart that we must inform you that effective immediately Colorado Timberline has ceased all operations indefinitely.

We have recently been plagued by several IT events, unfortunately we were unable to overcome the most recent ransomware attack and as a result this unfortunate and difficult decision was made.

We greatly appreciate the support and loyalty from each of you over the years.

Management of Colorado Timberline

It's not the first time a business in the promotional industry was hit with malware, but the fact that it crippled the supplier entirely is unnerving.

Back in April, Hit Promotional Products was the victim of a malware attack that affected others in the industry, too. Scammers were sending a link that appeared to be from a valid distributor, and when the viewer clicked the link for purchase order or artwork confirmation, the virus shut down the computers on the servers.

As Les Dorfman, executive vice president of High Caliber Line, told Promo Marketing in April, "[The virus] hits certain drives and files, and is very hard to clean."

The attack didn't just happen once, so companies had to become even more diligent to detect scams and minimize potential problems.

And it's not just smaller businesses, either. Google had been on the receiving end of malware attacks, and implemented a program to give employees USB keys to protect their data. The key was part of a two-factor authentication program, which meant that even if scammers got a hold of information like passwords, they'd need to physically plug the key into a computer's USB port to access it.

Since handing out the keys, Google hasn't reported a single malicious data attack. Because of the success, they've started selling them for anyone to buy.

With malware attacks being so common and preventable, it's smart to look into ways to protect your personal and professional data.

The attack on Colorado Timberline appears to differ from the previous attacks that affected industry companies. On August 20, the supplier posted the following update to its Facebook page, providing a few more specific details about the severity of the damage:

As you may already know, Tuesday evening our system was infected with a particularly nasty ransomware virus… yes, seriously. The virus got onto our database server and locked our files. Unfortunately, this type of ransomware encrypts the files in such a way that they need to physically get our system to repair. We wish we could just pay and get our system up and running, but we do not want to give them access to any more of our data. Luckily we have full backups so are able to do a full restore on our own.

We are currently running software to extract data from our infected drives. Once we complete this we will restoring our ERP and should be able to begin processing orders again. Our contractors should have this done by EOD, but if that changes we will let you know immediately.

Although we were able to ship yesterday, we are not able to at the moment. We are working internally on that process and are hoping to get that fixed quickly. Also, we still have not been able to send ship notifications, so there is a good chance that the majority of your orders from 8/14 back have shipped, even if you didn’t get notified.

As for now, we have production clearing out any remaining orders on the floor and will be running on a skeleton crew until the orders start to print out, at which time we will bring the full crew back in to begin clearing orders.

We appreciate your continued patience as we deal with this, you guys are troopers!