Analysis
Attacks and Vulnerabilities
Industrial Cyber Attacks
News

Sierra Wireless stops production at manufacturing sites following ransomware attack

March 24, 2021
ransomware attack

Update: Sierra Wireless Recovering from Ransomware Attack; Announces Resumption of Production

According to a company announcement on March 26, Sierra Wireless is recovering from the ransomware attack and has resumed production.

“Once the company learned of the attack, its IT and operations teams immediately implemented measures to counter the attack. In addition, within hours of discovery, Sierra Wireless engaged Blake, Cassels and Graydon LLP, one of the leading cyber security law firms, as breach coach and legal counsel, and KPMG, one of the world’s leading forensic investigation and cyber incident response firms, to lead Sierra Wireless’ response and investigation into the incident.

Sierra Wireless’ team, with the assistance of additional third-party advisors, believe they have addressed the attack and are currently working to restore Sierra Wireless’ internal IT systems. They continue to investigate the incident and the extent of the impact on the company’s internal IT systems.

“Security is a top priority, and Sierra Wireless is committed to taking all appropriate measures to ensure the highest integrity of all of our systems,” said Sam Cochrane, Chief Financial Officer, Sierra Wireless who also oversees IT operations and supply chain. “I’m proud of the efforts of our IT team and external advisors as they have mitigated the attack and made real progress in getting operations up and running. As the investigation continues, Sierra Wireless commits to communicating directly to any impacted customers or partners, whom we thank for their patience as we work through this situation.”

Initial story, March 24th 

IoT company Sierra Wireless has halted production at its manufacturing sites after the company was hit by a ransomware attack on its internal IT systems on Mar. 20. The company’s website and other internal operations have also been disrupted by the attack.

The company hopes to restart production at these facilities and resume normal operations soon, the Canadian company said in a statement. In the meantime, Sierra Wireless asks its customers and partners for their patience as it seeks to remediate the situation. Sierra Wireless said the impact of the attack was limited to its own systems, as the company maintains a clear separation between its internal IT systems and customer facing products and services, it added.

The disruption caused by the attack forced Sierra Wireless to withdraw the first quarter 2021 guidance it provided on Feb. 23, 2021, it added.

“Once the company learned of the attack, its IT and operations teams immediately implemented measures to counter the attack in accordance with established cybersecurity procedures and policies that were developed in collaboration with third-party advisors,” Sierra Wireless said. “These teams, with the assistance of these and additional third-party advisors, believe they have addressed the attack, and are currently working to bring Sierra Wireless’ internal IT systems back online.”

The attack on Sierra Wireless comes a few months after a ransomware attack affected some of the operational technology (OT) and IT systems at paper manufacturer WestRock. The ransomware incident, which the company announced on Jan. 25, led to shipments from some of its facilities lagging in production levels.

Industrial cybersecurity firm Dragos said in its ‘ICS Cybersecurity Year in Review 2020’ report that cyber risk to industrial sectors has grown and accelerated dramatically, led by ransomware impacting industrial processes, intrusions enabling information gathering and process information theft, and new activity from adversaries targeting ICS.

Hackers often build programs and campaigns slowly over time, with later campaigns often being more successful and disruptive than previous efforts, Dragos pointed out. Some threats tracked by Dragos may develop disruptive and destructive capabilities later, though no such activity is observed at this time, it added.

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

RMC
Risk Mitigation Consulting acquires Securicon, boosting cybersecurity and mission assurance offerings
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation
New CGCYBER report warns of cybersecurity risks in marine environment due to network-connected OT systems
New CGCYBER report warns of cybersecurity risks in marine environment due to network-connected OT systems
Ukrainian CERT details malicious plan by Sandworm group to disrupt critical infrastructure facilities
Ukrainian CERT details malicious plan by Sandworm group to disrupt critical infrastructure facilities
DC3, DCSA collaborate to launch vulnerability disclosure program for defense industrial base
DC3, DCSA collaborate to launch vulnerability disclosure program for defense industrial base
Waterfall’s WF-600 unidirectional security gateway brings 'unbreachable protection' to OT/ICS networks
Waterfall, 2TS enter into cybersecurity alliance for African market
Honeywell’s 2024 USB Threat Report reveals significant rise in malware frequency, highlighting growing concerns
Honeywell’s 2024 USB Threat Report reveals significant rise in malware frequency, highlighting growing concerns
CISA declares winners of President’s Cup cybersecurity competition, with Artificially Intelligent team leading
CISA declares winners of President’s Cup cybersecurity competition, with Artificially Intelligent team leading
Enhancing industrial cybersecurity by tackling threats, complying with regulations, boosting operational resilience
Enhancing industrial cybersecurity by tackling threats, complying with regulations, boosting operational resilience
MITRE confirms breach on NERVE network, suspected foreign nation-state actor involved
MITRE confirms breach on NERVE network, suspected foreign nation-state actor involved