It has been announced that ASCO, one of the world’s largest suppliers of airplane parts, has ceased production in factories across four countries due to a ransomware infection reported at its plant in Zaventem, Belgium. As a result of having IT systems crippled by the ransomware infection, the company has sent home approximately 1,000 of its 1,400 workers.
Experts Comments:
Andrea Carcano, CPO of Co-founder at Nozomi Networks:
“The attack against ASCO has once again highlighted the dangerous power of ransomware. The attack has brought operations to a halt and resulted in over a thousand employees being sent home which will be having a significant impact on the organisation financially.
When it comes to ransomware, prevention is always better than cure as, if infected, it is never advisable to pay the ransom as it is not guaranteed that the criminals will honour the agreement and restore systems/data. Organisations should prepare for these types of events and have an incident response plan in place to help limit the damage caused, not only to production but also to customer trust and brand reputation.
Organisations need tools that will help them immediately identify when something ambiguous is happening within the infrastructure. Applying artificial intelligence and machine learning for real-time detection and response, organizations can monitor for malware to rapidly discover and act to remove malicious code and the risks posed before harm is done.”
Shlomie Liberow, Technical Program Manager at HackerOne:
“Airplane manufacturer ASCO being hit by ransomware continues the trend of cybercriminals focusing their efforts on industry and manufacturing as their targets – recognizing the costly and disruptive effect such a shutdown will have on the business.
This comes only a few months after Norsk Hydro was also shut down by ransomware – however, Norsk showed the world that while ransomware is costly and devastating in the moment, it doesn’t have to have a lasting effect on reputation as the open and transparent way Norsk dealt with the attack resulted in a rise in share price. Public understanding of ransomware is on the rise so if ASCO reacts quickly and in a way that keeps relevant stakeholders informed, hopefully it will see no lasting damage to reputation.
Difficult as it may seem to prevent these attacks, when it comes to ransomware, prevention is always better than cure. This means ensuring all systems are up to date with the latest patches and that there are no security vulnerabilities or weaknesses which could leave an organisation exposed to attackers.”
Javvad Malik, Security Awareness Advocate at KnowBe4:
“Ransomware continues to be a growing risk for many companies and once inside a network, unless there are controls in place to prevent the spread, it can take hold of the entire infrastructure rapidly. It’s worth remembering that in most cases, the initial infection is through a phishing or spearphishing email, therefore it is important to train users and make them aware of the risks, so they can make better-informed decisions, and also escalate any potential issues where they may arise.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.