IoT Maker Sierra Wireless Suffers Ransomware Attack – Experts Reaction And Advice

In response to reports that Sierra Wireless, the leading IoT solutions provider, disclosed a ransomware attack that forced it to halt production at all manufacturing sites, experts offer perspective. 

Chris Clements, VP
InfoSec Expert
March 25, 2021 12:23 pm

Sierra Wireless claims that they don’t currently believe that any customer services or products have been affected, but given the recent SolarWinds-based supply-chain compromise I urge both Sierra and their customers to closely review software and firmware to ensure that no malicious alterations have been introduced by the attackers. Even if there is no reason to believe that such access would have been possible, the scale of devices Sierra Wireless manufactures warrants a thorough review to ensure the safety of their customers.

It’s important that all organizations understand the cost of a ransomware attack. It’s not just the cost of investigation and restoration (which can be significant), but in many cases, it means that business operations halt altogether. Sierra Wireless’s main website remains offline 3 days after first discovering the attack and they have self-reported the shutdown of their manufacturing lines.

Another unspoken precursor often necessary for a successful mass-scale ransomware attack is that after gaining initial access, say by phishing an average employee, the cybercriminals are successful in escalating their network privileges and gaining enterprise-wide administrative access to the entire organization. This means they have more or less complete control of all systems and data on the network and all of the potential risks of alteration, theft, and disclosure that level of access suggests.

Bryan Embrey, Product Marketing
InfoSec Expert
March 25, 2021 12:21 pm

The famous WannaCry ransomware attack spread due to known vulnerabilities in Microsoft’s SMB protocol. The NotPetya variant spread via email attachments but exploited the same vulnerability. While it is unclear how Sierra Wireless was attacked, ransomware attacks typically succeed through unpatched systems. The FBI advises adopting a broad strategy when addressing ransomware that includes managing the use of privileged accounts and configuring access controls, both of which are zero trust mechanisms. Organizations of all sizes should consider adopting zero trust as well as patching outdated systems and ensuring anti-virus and anti-malware solutions are up to date to combat the dangers of increasingly sophisticated ransomware.
