IoT Vendor Sierra Wireless Reports Ransomware AttackManufacturing and IT Systems Disrupted
(Update: On Friday, Sierra Wireless said it had partially recovered from a ransomware attack that took place earlier this week, enabling it to restart its production facilities. It was working to restore internal systems impacted by the attack.)
Canadian IoT device manufacturer Sierra Wireless reported Tuesday it had suffered a ransomware attack over the weekend, forcing it to halt production.
In a Securities and Exchange Commission 6-K filing, the company says that the attack began on Saturday and that its IT and cybersecurity teams are working with third-party advisers to bring Sierra Wireless's internal IT systems back online.
"At this time, Sierra Wireless believes the impact of the attack was limited to Sierra Wireless systems, as the company maintains a clear separation between its internal IT systems and customer-facing products and services," the company says in the SEC filing.
The Vancouver-based company notes the attack has disrupted its website and unspecified internal operations. The website remained inaccessible as Wednesday morning. The company did not report what type of ransomware is involved or if a ransom demand has been received.
Sierra Wireless has not responded to Information Security Media Group's request for additional information.
"The company believes it will restart production at these facilities and resume normal operations soon," Sierra Wireless says in the filing, although it gave no time frame for when operations would resume.
The ransomware attack has caused the company to withdraw the first-quarter 2021 financial guidance it provided on Feb. 23. According to Google Finance, the company generated $448.6 million in revenue in 2020.
Sierra Wireless makes a wide range of IoT connectivity and network products, including routers, modems, gateways and cellular devices.
"This ransomware attack highlights the complexity and far-reaching damage of a B2B data breach," says Stephan Chenette, co-founder and CTO at the security firm AttackIQ. "The incident impacts not only Sierra Wireless itself, but also its customers, who rely on up-to-date information to keep their operations moving forward,"
Ransomware vs. Manufacturers
PC maker Acer was also reportedly hit with a cyber incident over the weekend. News reports say the ransomware gang REvil was behind the attack and demanding a $50 million ransom payment. The company has not confirmed any of these details (see: Acer Reportedly Targeted by Ransomware Gang).
On March 11, Molson Coors Beverage Co. reported in an 8-K SEC filing it had been struck by a cyber incident that caused system outages throughout the brewer's manufacturing process. The company did not report how long it took for its systems to come back online (see: Beer Brewer Molson Coors Reports Ongoing Cyber Incident).