‘I had a few open orders I was dealing with, and then the site just went down,’ says Stanley Louissaint, founder of Fluid Designs. ‘No word on fulfillment, no system access… nothing. The backlog is obvious.’
Ingram Micro late Saturday confirmed that it had been hit with a ransomware attack and that it is “working diligently to restore the affected systems so that it can process and ship orders.”
The $48 billion distribution behemoth, which notified law enforcement and has launched an “investigation” with the assistance of leading cybersecurity experts, “apologized” to customers, vendor partners and others for any “disruption” caused by the incident.
Bleeping Computer reported Saturday that Ingram Micro has been hit with a ransomware attack associated with the Safepay ransomware organization.
Ingram Micro’s website and online ordering systems have been down since Thursday, according to Bleeping Computer.
On Sunday morning, users visiting the Irvine, Calif.-based company’s website were met with the message “Ingram Micro is currently experiencing a cybersecurity incident, for more information ‘click here’,” which directs users to their official statement about the incident.
Among systems impacted are Ingram’s flagship AI-powered Xvantage platform and the Impulse license provisioning platform, according to Bleeping Computer.
When reached by CRN on Sunday to confirm that Xvantage was down and orders could not be shipped, Ingram referred back to their official statement.
[Related: CrowdStrike Remains Cybersecurity ‘Gold Standard:’ Analyst]
However, for partners like Stanley Louissaint, founder and principal of New Jersey-based MSP Fluid Designs, the bigger issue has been the company’s silence.
“The biggest issue in this situation isn’t even the attack itself,” Louissaint told CRN. “It’s the lack of openness and communication. That’s what completely takes the trust out of a distributor-partner relationship.”
He said his last communication from Ingram was an advertising email on June 26. Since then, despite having open orders and active business with the distributor, he hasn’t received a single update.
“I had a few open orders I was dealing with, and then the site just went down,” he said. “No word on fulfillment, no system access… nothing. The backlog is obvious.”
While his company wasn’t critically affected, thanks to diversified sourcing from other distributors, he expressed concern for businesses that rely solely on Ingram.
“There are companies completely stuck. They can’t ship, can’t fulfill orders, can’t operate,” he said. “That’s why we never put all our eggs in one basket.”
He also raised questions about Ingram’s preparedness and response strategy.
“What was your contingency plan? What’s your disaster recovery process? Was it tested? Clearly, something failed,” he said. “Are you paying the ransom? Are you not? People want transparency.”
The CEO for an SP500 solution provider, who did not want to be identified, said given that Ingram has confirmed it cannot ship orders at this point his company is actively working on a “plan B” to ensure its customers are not impacted by shipping delays.
“Our first priority is meeting our shipping commitments to our customers,” said the CEO. “We also have an obligation to our OEMs so we can recognize revenue. We are reaching out now to our larger OEMs and TD Synnex to make sure our customers are taken care of if this is not resolved quickly. We need to make sure we understand shipping status and timing. If this isn’t resolved by Wednesday next week we are going to have to move our business.”
While many partners express frustration and concern, James Rocker, whose New York-based company is a Trust X Alliance partner with Ingram, is confident the distributor is handling the attack the best they can.
“At this time, Ingram Micro has not released an official statement out of their respect for the situation and investigative process,” he said via text message. “We believe it’s important to allow their team to gather all the facts before drawing conclusions and making public commentary. Cyber threats are an evolving and persistent challenge across the entire channel, and this event is a reminder that even the most prepared organizations are not immune.”
Rocker, founder and CEO of Hauppauge, N.Y.-based MSP Nerds That Care, remained optimistic and said he’s confident in Ingram’s “transparency, response efforts and commitment to minimizing disruption for partners and customers.”
“It’s critical that we as an industry continue to raise the bar on cybersecurity, share intelligence and support one another through incidents like this,” he said. “We trust Ingram Micro is taking the necessary steps to investigate thoroughly and will communicate when appropriate. Until then, we’ll monitor the situation closely and remain focused on ensuring our clients and partners are secure.”
Steven Burke contributed to this report.