Laser developer IPG Photonics hit by a ransomware attack

Nasdaq-listed U.S. laser company IP Photonics Corp. has been hit by a ransomware attack that shut down saw its information technology systems worldwide.

First reported Friday by Bleeping Computer, the ransomware attack involved the RansomExx strain of ransomware, sometimes also dubbed Ransom X.

RansomExx was first detected in July when Japanese technology company Konica Minolta Inc. was attacked and its services knocked offline for about a week. RansomExx is believed to be a newer version of a previous form of ransomware called Defray777.

As with the Konica Minolta attack, the ransom demand against IP Photonics included a message stating that law enforcement should not be contacted because ransom payments could be blocked. The message also said the victim should send one affected file to be unencrypted as proof that those behind the attack can deliver on their promise.

The attack on IP Photonics has U.S. national security implications. The company, while developing fiber lasers for cutting, welding and medical use, also develops laser weapons for U.S. defense forces. IP Photonics is a major developer of laser warfare technology and its technology has been deployed by the U.S. Navy on the USS Ponce.

Although there is some suggestion that those behind RansomExx and Defray777 are Russian state-sponsored hackers, the motivation appears to be financially motivated.

“The ransomware attack against IPG Photonics highlights a concerning trend,” Andrea Carcano, co-founder of operational technology and “internet of things” security company Nozomi Networks Inc., told SiliconANGLE. “Attackers are demanding higher ransoms and targeting larger and more critical organizations. These threats should be a serious concern for security professionals responsible for keeping not only IT, but OT and IoT networks safe.”

In manufacturing, he added, the disruption of IT services as well as manufacturing downtime and shipment delays translates to lost revenue. “The proliferation and complexity of ransomware attacks signifies the growing need for organizations to take the necessary steps to secure their systems,” he said. “It is never advisable to pay the ransom, and organizations that give in to the hackers’ demands are only fueling the profitability of the ransomware industry for attackers.”

To avoid such problems, Carcano suggested, businesses should deploy artificial intelligence and machine learning tools that can help identify cyberthreats in real time and resolve issues before harm is done. “With the right technology and a focus on best practices, you can increase visibility and operational resiliency,” he said. “We know from working with thousands of industrial installations that you can monitor and mitigate these risks, whether they stem from cybercriminals, nation-states or employees.”

Photo: Office of Naval Research/Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy