Update: Sierra Wireless Recovering from Ransomware Attack; Announces Resumption of Production
According to a company announcement on March 26, Sierra Wireless is recovering from the ransomware attack and has resumed production.
“Once the company learned of the attack, its IT and operations teams immediately implemented measures to counter the attack. In addition, within hours of discovery, Sierra Wireless engaged Blake, Cassels and Graydon LLP, one of the leading cyber security law firms, as breach coach and legal counsel, and KPMG, one of the world’s leading forensic investigation and cyber incident response firms, to lead Sierra Wireless’ response and investigation into the incident.
Sierra Wireless’ team, with the assistance of additional third-party advisors, believe they have addressed the attack and are currently working to restore Sierra Wireless’ internal IT systems. They continue to investigate the incident and the extent of the impact on the company’s internal IT systems.
“Security is a top priority, and Sierra Wireless is committed to taking all appropriate measures to ensure the highest integrity of all of our systems,” said Sam Cochrane, Chief Financial Officer, Sierra Wireless who also oversees IT operations and supply chain. “I’m proud of the efforts of our IT team and external advisors as they have mitigated the attack and made real progress in getting operations up and running. As the investigation continues, Sierra Wireless commits to communicating directly to any impacted customers or partners, whom we thank for their patience as we work through this situation.”
Initial story, March 24th
IoT company Sierra Wireless has halted production at its manufacturing sites after the company was hit by a ransomware attack on its internal IT systems on Mar. 20. The company’s website and other internal operations have also been disrupted by the attack.
The company hopes to restart production at these facilities and resume normal operations soon, the Canadian company said in a statement. In the meantime, Sierra Wireless asks its customers and partners for their patience as it seeks to remediate the situation. Sierra Wireless said the impact of the attack was limited to its own systems, as the company maintains a clear separation between its internal IT systems and customer facing products and services, it added.
The disruption caused by the attack forced Sierra Wireless to withdraw the first quarter 2021 guidance it provided on Feb. 23, 2021, it added.
“Once the company learned of the attack, its IT and operations teams immediately implemented measures to counter the attack in accordance with established cybersecurity procedures and policies that were developed in collaboration with third-party advisors,” Sierra Wireless said. “These teams, with the assistance of these and additional third-party advisors, believe they have addressed the attack, and are currently working to bring Sierra Wireless’ internal IT systems back online.”
The attack on Sierra Wireless comes a few months after a ransomware attack affected some of the operational technology (OT) and IT systems at paper manufacturer WestRock. The ransomware incident, which the company announced on Jan. 25, led to shipments from some of its facilities lagging in production levels.
Industrial cybersecurity firm Dragos said in its ‘ICS Cybersecurity Year in Review 2020’ report that cyber risk to industrial sectors has grown and accelerated dramatically, led by ransomware impacting industrial processes, intrusions enabling information gathering and process information theft, and new activity from adversaries targeting ICS.
Hackers often build programs and campaigns slowly over time, with later campaigns often being more successful and disruptive than previous efforts, Dragos pointed out. Some threats tracked by Dragos may develop disruptive and destructive capabilities later, though no such activity is observed at this time, it added.