UPDATED 21:41 EDT / NOVEMBER 12 2020

SECURITY

Furniture maker Steelcase shut down for two weeks following ransomware attack

A recent ransomware attack targeting furniture maker Steelcase Inc. caused the company to shut down operations for two weeks, according to information the company submitted to the U.S. Securities and Exchange Commission.

In the SEC filing today, Steelcase said it detected a cyberattack on its information technology systems Oct. 22. The company said it implemented a series of containment and remediation measures to address the situation. Those measures included the company “shutting down most of its global order management, manufacturing and distribution systems and operations for approximately two weeks.”

The attack was first reported in the media Oct. 27 and was attributed to the Ryuk ransomware gang. The fact that it was forced to cease nearly all operations for two weeks makes this attack stand out from what would usually be just another ransomware attack.

Steelcase, founded in 1912, is not a small business. The company is listed on the New York Stock Exchange and has more than 13,000 employees and $3.75 billion in annual revenue. According to Bleeping Computer, Steelcase notified employees Oct. 29 that they “could apply for unemployment instead of using [their] vacation time for hours missed,” since the company was unable to operate because of the ransomware attack.

The company claims that no data was stolen in the attack, saying in its SEC filing that it had “substantially completed its forensic investigation and has found no evidence that any exfiltration of sensitive business data, including intellectual property or customer, supplier or employee data, occurred as a result of this event.”

“Far too often organizations fall victim to a ransomware attack due to unauthorized network access,” Rene Paap, senior product marketing manager at secure access solutions company Pulse Secure LLC, told SiliconANGLE. “While unfortunate, this is a better result than some organizations face in ransomware situations, who suffer compromised private information, immeasurable reputational damage and costly fines. Without proper security protecting the enterprise network, companies are gambling with potential risk as threat actors are constantly looking for victims to exploit.”

Mr. Andrea Carcano, co-founder of security firm Nozomi Networks Inc., noted that the single biggest threat to enterprises today is underestimating and failing to address cybersecurity across all of their cyber and physical systems.

“Ransomware attackers are going after higher-value targets and that includes operational networks,” Carcano explained. “And remediation costs and efforts to repair the operational, financial and reputational damage caused by these attacks put a significant strain on leadership teams.”

Photo: Steelcase

A message from John Furrier, co-founder of SiliconANGLE:

Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

Join Our Community 

We are holding our third cloud startup showcase on Sept. 22. Click here to join the free and open Startup Showcase event.

“TheCUBE is part of re:Invent, you know, you guys really are a part of the event and we really appreciate your coming here and I know people appreciate the content you create as well” – Andy Jassy

We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.