UPDATED 21:41 EDT / NOVEMBER 12 2020

SECURITY

Furniture maker Steelcase shut down for two weeks following ransomware attack

A recent ransomware attack targeting furniture maker Steelcase Inc. caused the company to shut down operations for two weeks, according to information the company submitted to the U.S. Securities and Exchange Commission.

In the SEC filing today, Steelcase said it detected a cyberattack on its information technology systems Oct. 22. The company said it implemented a series of containment and remediation measures to address the situation. Those measures included the company “shutting down most of its global order management, manufacturing and distribution systems and operations for approximately two weeks.”

The attack was first reported in the media Oct. 27 and was attributed to the Ryuk ransomware gang. The fact that it was forced to cease nearly all operations for two weeks makes this attack stand out from what would usually be just another ransomware attack.

Steelcase, founded in 1912, is not a small business. The company is listed on the New York Stock Exchange and has more than 13,000 employees and $3.75 billion in annual revenue. According to Bleeping Computer, Steelcase notified employees Oct. 29 that they “could apply for unemployment instead of using [their] vacation time for hours missed,” since the company was unable to operate because of the ransomware attack.

The company claims that no data was stolen in the attack, saying in its SEC filing that it had “substantially completed its forensic investigation and has found no evidence that any exfiltration of sensitive business data, including intellectual property or customer, supplier or employee data, occurred as a result of this event.”

“Far too often organizations fall victim to a ransomware attack due to unauthorized network access,” Rene Paap, senior product marketing manager at secure access solutions company Pulse Secure LLC, told SiliconANGLE. “While unfortunate, this is a better result than some organizations face in ransomware situations, who suffer compromised private information, immeasurable reputational damage and costly fines. Without proper security protecting the enterprise network, companies are gambling with potential risk as threat actors are constantly looking for victims to exploit.”

Mr. Andrea Carcano, co-founder of security firm Nozomi Networks Inc., noted that the single biggest threat to enterprises today is underestimating and failing to address cybersecurity across all of their cyber and physical systems.

“Ransomware attackers are going after higher-value targets and that includes operational networks,” Carcano explained. “And remediation costs and efforts to repair the operational, financial and reputational damage caused by these attacks put a significant strain on leadership teams.”

Photo: Steelcase

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU