Ransomware attack halts production at IoT maker Sierra Wireless

Internal systems are still down following a ransomware attack - but customer products haven't been affected, the company says.
Written by Danny Palmer, Senior Writer

A multinational manufacturer of Internet of Things (IoT) devices has halted production after falling victim to a ransomware attack.

Canadian IoT maker Sierra Wireless says it suffered a ransomware attack against its internal IT systems on March 20, which has led to production being halted at its manufacturing sites. Internal operations have also been disrupted by the attack and at the time of writing, the company website is down, stating that it's "under maintenance".

The company says the impact of the attack is limited to internal Sierra Wireless systems and customer-facing products haven't been affected by the incident because the networks of internal IT systems and services designed for customers are separated.

SEE: IoT: Major threats and security tips for devices (free PDF) (TechRepublic)

It's currently unknown when production facilities and other systems will return to normal, but Sierra Wireless believes it has addressed the attack and operations will resume "soon".

After falling victim to attack, the company says it implemented counter-measures to mitigate it in accordance with "established cybersecurity procedures" developed alongside third-party cybersecurity advisors, who've also been involved in investigating the attack.

"Sierra Wireless asks its customers and partners for their patience as it seeks to remediate the situation," the company said in a statement.

It's currently unknown what kind of ransomware Sierra Wireless has fallen victim to or how it was able to infiltrate the network. 

SEE: How 3D printing is helping CERN scientists upgrade the world's largest machine

ZDNet contacted Sierra Wireless to clarify what has happened, but was told that the company isn't sharing additional information about the ransomware attack at this time.

Ransomware remains an issue for organisations across the world and a recent report detailed it as the biggest cybersecurity concern for chief information security officers (CISOs) and chief security officers (CSOs).


Editorial standards