A recent ransomware attack targeting furniture maker Steelcase Inc. caused the company to shut down operations for two weeks according to information the company submitted to the U.S. Securities and Exchange Commission.
In the SEC filing, Steelcase said that it detected a cyberattack on its information technology systems Oct. 22. The company said that implemented a series of containment and remediation measures to address the situation. Those measures included the company “shutting down most of its global order management, manufacturing and distribution systems and operations for approximately two weeks.”
The ransomware attack itself was first reported in the media Oct. 27 and was attributed to the Ryuk ransomware gang. The fact that it was forced to cease nearly all operations for two weeks makes this attack standout from what would usually be yet another ransomware attack.
Steelcase, founded in 1912, is not a small business. The company is listed on the New York Stock Exchange and has over 13,000 employees with $3.75 billion in annual revenue. According to Bleeping Computer, Steelcase notified employees Oct. 29 that they “could apply for unemployment instead of using [their] vacation time for hours missed,” as the company was unable to operate due to the ransomware attack.
The company claims that no data was stolen in the attack, saying in its SEC filing that it had “substantially completed its forensic investigation and has found no evidence that any exfiltration of sensitive business data, including intellectual property or customer, supplier or employee data, occurred as a result of this event.”
“Far too often organizations fall victim to a ransomware attack due to unauthorized network access,” Rene Paap, senior product marketing manager at secure access solutions company Pulse Secure LLC told SiliconANGLE. “Although there is no evidence that sensitive information was stolen, the attack forced Steelcase, a billion-dollar company, to pause global operations for two weeks, resulting in the company losing revenue.”
“While unfortunate, this is a better result than some organizations face in ransomware situations, who suffer compromised private information, immeasurable reputational damage and costly fines,” Paap added. “Without proper security protecting the enterprise network, companies are gambling with potential risk as threat actors are constantly looking for victims to exploit.”
Mr. Andrea Carcano, co-founder of OT and IoT security firm Nozomi Networks Inc. noted that “the single biggest threat to enterprises today is underestimating and failing to address cybersecurity across all of their cyber and physical systems.”
“Ransomware attackers are going after higher-value targets and that includes operational networks,” Carcano explained. “And remediation costs and efforts to repair the operational, financial and reputational damage caused by these attacks put a significant strain on leadership teams.”
For manufacturing, time is money, and the current pandemic has only added to the industry’s financial challenges,” Carcano added. “The disruption of IT and operational services, as well as manufacturing downtime and shipment delays, translates to even greater revenue losses. In this case, it appears the Ryuk attack caused a two-week shutdown of most of Steelcase’s global order management, manufacturing and distribution systems, pushing revenues into the fourth quarter.”
Since you’re here …
Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.