Furniture maker Steelcase shut down for two weeks following ransomware attack
A recent ransomware attack targeting furniture maker Steelcase Inc. caused the company to shut down operations for two weeks, according to information the company submitted to the U.S. Securities and Exchange Commission.
In the SEC filing today, Steelcase said it detected a cyberattack on its information technology systems Oct. 22. The company said it implemented a series of containment and remediation measures to address the situation. Those measures included the company “shutting down most of its global order management, manufacturing and distribution systems and operations for approximately two weeks.”
The attack was first reported in the media Oct. 27 and was attributed to the Ryuk ransomware gang. The fact that it was forced to cease nearly all operations for two weeks makes this attack stand out from what would usually be just another ransomware attack.
Steelcase, founded in 1912, is not a small business. The company is listed on the New York Stock Exchange and has more than 13,000 employees and $3.75 billion in annual revenue. According to Bleeping Computer, Steelcase notified employees Oct. 29 that they “could apply for unemployment instead of using [their] vacation time for hours missed,” since the company was unable to operate because of the ransomware attack.
The company claims that no data was stolen in the attack, saying in its SEC filing that it had “substantially completed its forensic investigation and has found no evidence that any exfiltration of sensitive business data, including intellectual property or customer, supplier or employee data, occurred as a result of this event.”
“Far too often organizations fall victim to a ransomware attack due to unauthorized network access,” Rene Paap, senior product marketing manager at secure access solutions company Pulse Secure LLC, told SiliconANGLE. “While unfortunate, this is a better result than some organizations face in ransomware situations, who suffer compromised private information, immeasurable reputational damage and costly fines. Without proper security protecting the enterprise network, companies are gambling with potential risk as threat actors are constantly looking for victims to exploit.”
Mr. Andrea Carcano, co-founder of security firm Nozomi Networks Inc., noted that the single biggest threat to enterprises today is underestimating and failing to address cybersecurity across all of their cyber and physical systems.
“Ransomware attackers are going after higher-value targets and that includes operational networks,” Carcano explained. “And remediation costs and efforts to repair the operational, financial and reputational damage caused by these attacks put a significant strain on leadership teams.”
Since you’re here …
Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.