Major Attacks That Hit the Manufacturing Sector in 2019

• The primary contributor to the ransomware attacks in the manufacturing sector includes LockerGoga ransomware, followed by WannaCry, GandCrab, and BitPayment ransomware.
• LockerGoga ransomware targeted several industrial and manufacturing companies including Altran Technologies, Norsk Hydro, Hexion, and Momentive.

Context

The manufacturing sector has been continuously facing the brunt of cyberattacks in recent years. Especially, ransomware attacks have targeted a number of manufacturing companies and industrial firms in 2019. The primary contributor to these ransomware attacks includes LockerGoga ransomware, followed by WannaCry, GandCrab, and BitPayment ransomware.

Numbers that matter

Manufacturing firms are an appealing target for attackers because of the critical infrastructure used by the sector.

• A research conducted by IBM's X-Force IRIS incident response team revealed that 50% of organizations affected by cyber-attacks in 2019 are in the manufacturing sector.
• According to the report, 60% of manufacturing firms were hit with at least one WannaCry-related attack in the first six months of 2019.

LockerGoga ransomware attacks

LockerGoga ransomware targeted several industrial and manufacturing companies including Altran Technologies, Norsk Hydro, Hexion, and Momentive.

• On January 24, 2019, LockerGoga infected a French engineering firm ‘Altran Technologies’, forcing the company to shut down its IT network and all other applications.
• In March 2019, the ransomware hit Norweigan aluminum giant Norsk Hydro impacting its operations and IT systems in most of the business areas across the world. The attack forced the aluminum giant to switch its operations to a manual mode. A week after the ransomware attack, Norsk Hydro estimated that total losses from the incident have reached over $40 million.
• The same month, two American chemical companies, namely Hexion and Momentive fell victim to the LockerGoga ransomware attack. The ransomware infection forced the companies to order hundreds of new computers.

Other major ransomware attacks against manufacturing firms

• ASCO, one of the largest airplane parts manufacturers, suffered a ransomware attack crippling production in factories across four countries including Belgium, Germany, Canada, and the United States.
• Aebi Schmidt, a Switzerland-based manufacturer of special-purpose vehicles and attachments suffered a ransomware attack that crippled the company’s IT systems. The ransomware attack impacted the Aebi Schmidt’s European base.
• On February 18, 2019, a new variant of BitPaymer ransomware infected a US manufacturing firm via PsExec, a command-line tool that allows the execution of processes on remote computers.
• In May 2019, GandCrab ransomware was spotted targeting an unnamed Japanese manufacturing firm.

Some prominent malware attacks that hit the manufacturing firms

• In January 2019, Titan Manufacturing and Distribution Inc suffered a cyber attack compromising customer data after its computer systems were infected with malware. The compromised information included customers’ full names, billing addresses, contact numbers, payment card details such as card numbers, expiration dates, and verification codes.
• In August 2019, LokiBot malspam campaign targeted a major US manufacturing firm.