Tomnex |
Dreamstime M 41225428

Steelcase Cyber Attack Should Be a Wakeup Call

Nov. 13, 2020
Ransomware attack leads to world's largest office furniture manufacturer shuttering its operations.

In late October, another manufacturer fell victim to a serious ransomware attack.

Specifically, Grand Rapids, MI-based Steelcase suffered a Ryuk ransomware attack, forcing it to halt global operations for roughly two weeks.  As the world's largest office furniture manufacturer, Steelcase has nearly 13,000 employees, a network of 800 dealers, and $3.7 billion in revenue in 2020. According to its October 26 SEC filing, Steelcase "promptly implemented a series of containment measures to address this situation including temporarily shutting down the affected systems and related operations."

The question is: Why do these events continue to occur across manufacturing environments?

“The single biggest threat to enterprises today is underestimating and failing to address cybersecurity across all of their cyber and physical systems. Ransomware attackers are going after higher value targets and that includes operational networks.  And remediation costs and efforts to repair the operational, financial and reputational damage caused by these attacks put a significant strain on leadership teams," says Andrea Carcano, cofounder of IT/OT security provider Nozomi Networks. 

Carcano continues, "For manufacturing, time is money, and the current pandemic has only added to the industry’s financial challenges.  The disruption of IT and operational services, as well as manufacturing downtime and shipment delays, translates to even greater revenue losses.  In this case, it appears the Ryuk attack caused a two-week shutdown of most of Steelcase’s global order management, manufacturing and distribution systems, pushing revenues into the fourth quarter." 

Growing trend?

Unfortunately, hackers are increasingly finding today's manufacturers to be an attractive target.

And, as Zscaler's recently released 2020 State of Encrypted Attacks Report shows, ransomware is not the only growing security issue facing today's manufacturers. Results also show the manufacturing industry was the most targeted industry by phishing attempts (38.6%). In addition to phishing, manufacturing was the No. 1 target (26.5%) for browser exploits which allow attackers to take advantage of vulnerabilities in operating systems and change users’ browser settings without their knowledge.

According to report authors, "The manufacturing industry is often the target of cyberattacks because (traditionally, at least) this industry was highly fragmented, with individual facilities each using different IT infrastructures and multiple disjointed systems. As in other industries, without unified controls and centralized visibility and policy enforcement, security is incomplete and cybercriminals continue to exploit these holes."

The solution? According to Carcano, as IT and OT systems converge, security teams need to take a new, holistic approach to cybersecurity.  "Businesses should deploy artificial intelligence and machine learning tools across their IT/OT networks to gain real-time visibility and identify cyber threats and resolve issues before harm is done," he says. "With the right technology and a focus on best practices, it’s possible to monitor and mitigate these risks and achieve operational resiliency. A robust cyber defense strategy is the best line of defense against a ransomware attack.”

Popular Sponsored Recommendations

HCM and Digital Scheduling Technology: An Underutilized Solution for One of Manufacturing’s Biggest Challenges

April 2, 2023
Digital scheduling tools available via advanced Human Capital Management solutions offer compelling ways to improve production-line workforce retention, engagement, and productivity...

Do You Have Peace of Mind with Your Plant?

March 5, 2024
Can you call your supplier and get a response at 2 in the afternoon or 2 in the morning? Find out how many plants keep their operations running without worry.

Beware Extreme Software

Sept. 24, 2023
As a manufacturer, you understand the importance of staying ahead of the curve and being proactive in your approach to technology. With the rapid pace of change in the industry...

Redefining the Cost-Quality Equation with Holistic MES+QMS

March 28, 2022
Today’s manufacturers are under pressure to meet two often-opposing objectives: delight customers with high-quality products, and continually reduce operational costs while doing...

Voice your opinion!

To join the conversation, and become an exclusive member of IndustryWeek, create an account today!