Steelcase Cyber Attack Should Be a Wakeup Call

By Tom Morrison posted 4 days ago


Ransomware attack leads to the world's largest office furniture manufacturer shuttering its operations. 

In late October, another manufacturer fell victim to a serious ransomware attack.

Specifically, Grand Rapids, MI-based Steelcase suffered a Ryuk ransomware attack, forcing it to halt global operations for roughly two weeks. As the world's largest office furniture manufacturer, Steelcase has nearly 13,000 employees, a network of 800 dealers, and $3.7 billion in revenue in 2020. According to its October 26 SEC filing, Steelcase "promptly implemented a series of containment measures to address this situation including temporarily shutting down the affected systems and related operations."

The question is: Why do these events continue to occur across manufacturing environments?

“The single biggest threat to enterprises today is underestimating and failing to address cybersecurity across all of their cyber and physical systems. Ransomware attackers are going after higher value targets and that includes operational networks. Remediation costs and efforts to repair the operational, financial, and reputational damage caused by these attacks put a significant strain on leadership teams," says Andrea Carcano, Cofounder of IT/OT security provider Nozomi Networks. 

Carcano continues, "For manufacturing, time is money, and the current pandemic has only added to the industry’s financial challenges. The disruption of IT and operational services, as well as manufacturing downtime and shipment delays, translates to even greater revenue losses. In this case, it appears the Ryuk attack caused a two-week shutdown of most of Steelcase’s global order management, manufacturing, and distribution systems, pushing revenues into the fourth quarter." 

Growing trend?

Unfortunately, hackers are increasingly finding today's manufacturers to be an attractive target, and as Zscaler's recently released 2020 State of Encrypted Attacks Report shows, ransomware is not the only growing security issue facing today's manufacturers. Results also show the manufacturing industry was the most targeted industry by phishing attempts (38.6%). In addition to phishing, manufacturing was the No. 1 target (26.5%) for browser exploits which allow attackers to take advantage of vulnerabilities in operating systems and change users’ browser settings without their knowledge. 

According to report authors, "The manufacturing industry is often the target of cyberattacks because (traditionally, at least) this industry was highly fragmented, with individual facilities each using different IT infrastructures and multiple disjointed systems. As in other industries, without unified controls and centralized visibility and policy enforcement, security is incomplete, and cybercriminals continue to exploit these holes."

The solution? According to Carcano, as IT and OT systems converge, security teams need to take a new, holistic approach to cybersecurity.  "Businesses should deploy artificial intelligence and machine learning tools across their IT/OT networks to gain real-time visibility and identify cyber threats and resolve issues before harm is done," he says. "With the right technology and a focus on best practices, it’s possible to monitor and mitigate these risks and achieve operational resiliency. A robust cyber defense strategy is the best line of defense against a ransomware attack.”


Written by:  Peter Fretty, Technology Editor, for Industry Week.