Ransomware Attack Foils IoT Giant Sierra Wireless
The ransomware attack has impacted the IoT manufacturer’s production lines across multiple sites, and other internal operations.
A ransomware attack on leading internet-of-things (IoT) manufacturer Sierra Wireless this week ground its production activity to a halt and froze various other internal operations.
The Canadian multinational manufacturer creates a broad array of communications equipment – from gateways to routers, cellular modems to modules, and smart connectivity solutions for IoT devices.
The ransomware attack first hit on March 20, pushing the company’s IT systems offline and halting production across its manufacturing sites. Sierra Wireless’ website and other internal operations have also been disrupted by the attack, it said on Tuesday. The company’s website (sierrawireless.com) is currently down, saying “Site is under maintenance.”
The company said that it’s currently working to bring its internal IT systems back online, and hopes to restart production at its facilities “soon.”
“Once the company learned of the attack, its IT and operations teams immediately implemented measures to counter the attack in accordance with established cybersecurity procedures and policies that were developed in collaboration with third-party advisors,” according to Sierra Wireless.
Due to the disruptions caused by the cyberattack, the company is also withdrawing its first-quarter 2021 guidance, which had been provided on Feb. 23 — highlighting the potential financial damages that the attack may have on the company.
However, the company said, at this time it does not believe its customer-facing products and services have been impacted by the attack. It’s not clear whether customer data has been affected.
At this time, Sierra Wireless did not specify how the cyberattack initially occurred, what type of ransom was demanded and whether it was considering paying. It’s also not clear how many production centers have been impacted by the cyberattack. Sierra Wireless operates a global network operation center (NOC), and research-and-development centers in Asia, Europe and North America.
Sierra Wireless declined to comment further: “Beyond notifying the third-party advisors, our customers and others impacted by the attack, we do not share our protocols for dealing with any ransomware attacks as this is considered highly sensitive and confidential,” a spokesperson told Threatpost.
Matt Sanders, director of security at LogRhythm, said that the incident is an example of the impact that a ransomware can have on an organization.
“Unfortunately, Sierra Wireless’ entire production has halted thanks to an attack that has completely debilitated them,” said Sanders. “When an organization falls victim to ransomware, the pressure to get back to normal business operations is huge, and the ability to do so in a timely manner may be pivotal to the company’s ability to continue operating at all.”
Ransomware attacks have continued to plague companies across multiple industries this year — from a February attack on a major Finnish IT provider that forced it to turn off some services and infrastructure in a disruption to customers, to PYSA ransomware attacks in early March disrupting the education sector.