Ransomware Attacks Continue to Disrupt Industrial Manufacturers in the United States

Ransomware attacks and other malicious attempts continue to target the industrial manufacturing sector.

Molson Coors, a global brewing firm, disclosed a cybersecurity incident to the Securities and Exchange Commission this week (SEC).
WestRock, a packaging firm, revealed last month that it had been the target of a ransomware attack.

The attacks follow a year of threats and malicious attempts to profit from the COVID-19 pandemic's consequences.
Molson Coors and WestRock have also been victims of cyber-attacks.

Molson Coors filed a Form 8-K with the Securities and Exchange Commission on March 11 detailing the attacks that interrupted routine operations.
To put things in perspective, the form is used to announce major events that shareholders should be aware of.

The document did not specify what kind of cybersecurity incident triggered the'systems outage,' but it did state that the malicious activity had an impact on brewery operations, production, and shipments.
It also reported that the company was conducting an investigation into the problem and that it was working to restore service to its networks.
In the United States, Molson Coors has seven breweries and manufacturing facilities, ten in Europe, and three in Canada.
Coors, Blue Moon, and Miller Lite are only a few of the labels owned by the company.
The attack on WestRock, on the other hand, was identified as a ransomware attempt by the company.

The attacks, which were discovered on January 23, were said to have harmed the company's operational technology (O.T.) systems, causing disruptions in a variety of factory operations, including mill machine development and packaging.
On February 5, the company, whose clients include international electronics manufacturers such as General Motors, Heinz, and Home Depot, issued a statement regarding the incident.
WestRock stated in the update that they had begun an investigation into the ransomware attack and were working to recover from its destructive effects.
Ransomware in Industrial Settings
Ransomware is a term used by internet security experts to describe a program that infiltrates a system and disables or disrupts its normal functions.
The malware then asks the user to pay a monetary or other kind of "ransom" in return for the malicious code's deactivation.

Ransomware can be especially destructive to industrial networks, affecting manufacturing and critical infrastructure organizations.
A ransomware infection, for example, caused a two-day shutdown of a natural gas pipeline in the United States last year.
An actuated control valve and valve positioner control.
Ransomware attacks affecting industrial development have increased dramatically in recent years, with viruses such as WannaCry, Ryuk, and MegaCortex responsible for attacks in over 150 countries and billions of dollars in damages.

This is partly due to poorly protected industrial control systems (ICS), with a Claroty study from last year predicting that 70% of ICS vulnerabilities exposed in the first half of 2020 could be remotely exploited.
How Can These Problems Be Avoided?

The Cybersecurity and Infrastructure Protection Agency (CISA) published a Ransomware Guide in September to address these issues and help industrial companies develop their security practices.
image.pngThe cover of the Ransomware Guide. Image used courtesy of CISA
The guide, which was created in collaboration with the Multi-State Information Sharing and Analysis Center (MS-ISAC), provides a variety of tools to help educate best practices and recommendations for preventing, protecting, and responding to ransomware attacks.

Older Post Newer Post

Leave a comment

Please note, comments must be approved before they are published