Ransomware attacks hit event-management, wireless technology firms

[mood]

Ransomware attacks hit event-management, wireless technology firms

 

Canada-based Sierra Wireless is one of the victims (Flickr/Sierra Wireless Developer Program (T Cantegrel).

 

A Washington, D.C.-area event-management firm and a Canadian wireless technology provider are dealing with separate ransomware incidents — a reminder of a digital scourge that costs U.S. businesses many millions of dollars a year.

 

The incidents come as the Department of Homeland Security has undertaken a new initiative, backed by $25 million in additional funding, to combat a steady stream of ransomware attacks.

Ransomware attackers encrypted the systems of the events firm, Spargo Inc., on March 14, according to a notification sent by the Armed Forces Communications and Electronics Association (AFCEA), a Spargo client. Law enforcement personnel are investigating the incident, which may have exposed the phone numbers and physical and email addresses of some people who have attended AFCEA events, according to the notification.

 

AFCEA hosts popular government and industry events that U.S. military officers regularly attend. The ransomware incident does not appear to have involved more sensitive information such as financial data or Social Security numbers, according to AFCEA.  

 

Spargo, which boasts over $100 million in “exhibit and sponsorship” revenue annually, did not respond to multiple requests for comment. 

 

Separately, Sierra Wireless, which makes modems and other communications gear, said Tuesday that a ransomware attack had forced the firm to halt production at its manufacturing plants. The incident is causing Sierra Wireless to revise its financial outlook for the first quarter of 2021, the firm said in a statement. The breach appears to be limited to the firm’s internal systems, which Sierra Wireless said it was working to restore.

 

Sierra Wireless reported $87.6 million in revenue from connected “internet-of-things” devices in the fourth quarter of 2020.

 

Ransomware victims accounted for 2,747 complaints filed to the FBI’s cybercrime center in 2020, totaling $29.1 million in adjusted losses. But that is likely a fraction of the actual impact as some organizations don’t report ransomware incidents.

 

Brandon Wales, the acting head of DHS’s Cybersecurity and Infrastructure Security Agency, said Monday that the economics of ransomware still favor the attacker. “We have not cracked the code,” Wales said. “The ransomware problem has not gone away and we need new thinking on it.”

 

 

Source: Ransomware attacks hit event-management, wireless technology firms

[mood]

Sierra Wireless resumes production after ransomware attack

 

 

Canadian IoT solutions provider Sierra Wireless announced that it resumed production at its manufacturing sites halted after a ransomware attack that hit its internal network and corporate website on March 20.

After learning of the attack, the company hired the services of "KPMG, one of the world’s leading forensic investigation and cyber incident response firms, to lead Sierra Wireless’ response and investigation into the incident."

Siera Wireless' IT staff is currently working on restoring its internal systems after bringing back online its corporate website.

 

The Canadian multinational added that the ransomware attack did not impact its customer-facing products and services since the affected internal IT systems are separated.

"Sierra Wireless believes that the impact of the attack was limited to Sierra Wireless’ internal systems and corporate website, and that its products and connectivity services were not impacted, and its customers’ products and systems were not breached during the attack," the company said.

"At this point in its investigation of the ransomware attack, the company does not expect there to be any product security patches, or firmware or software updates required as a result of the attack."

'Confidential' ransomware incident details 

The company did not provide info on what ransomware operation was behind the attack or if any data was stolen from compromised systems before they were encrypted in the statement published on March 25.

Following the March ransomware attack, the company also withdrew its First Quarter 2021 guidance provided last month, on February 23.

 

A Sierra Wireless spokesperson told BleepingComputer that no further details would be revealed as the company's "protocols for dealing with any ransomware attacks" are "considered highly sensitive and confidential."

"Security is a top priority, and Sierra Wireless is committed to taking all appropriate measures to ensure the highest integrity of all of our systems," said Sam Cochrane, Sierra Wireless Chief Financial Officer in charge of IT operations and supply chain.

"As the investigation continues, Sierra Wireless commits to communicating directly to any impacted customers or partners, whom we thank for their patience as we work through this situation."

 

The Canadian multinational headquartered in Richmond, British Columbia, with research and development centers in North America, Europe, and Asia, has over 1,300 employees worldwide.

 

Siera Wireless' products (including wireless modems, routers, and gateways) sold directly to OEMs are being used in IoT devices and other electronic devices such as smartphones, and an extensive array of industries, including automotive and transportation, energy, healthcare, industrial and infrastructure, computing, networking, and security.

 

 

Source: Sierra Wireless resumes production after ransomware attack