ASCO, one of the world's largest suppliers of airplane parts, has ceased production in factories across four countries due to a ransomware infection reported at its plant in Zaventem, Belgium.
As a result of having IT systems crippled by the ransomware infection, the company has sent home approximately 1,000 of its 1,400 workers.
ASCO planned for an initial downtime from Monday to Wednesday, but Belgium media reported [1, 2, 3, 4, 5] that the impromptu leave has been extended for the entire week, including the upcoming weekend.
Plants in four countries have been shut down
Per reports, the infection took root last Friday, June 7, and initially hit the company's Zaventem plant in Belgium, but ASCO also shut down factories in Germany, Canada, and the US.
Non-production offices located in France and Brazil were unaffected.
It is unclear if the company shut down operations at other factories because the ransomware managed to spread, or just as a precaution.
The former scenario might be the most plausible, as factories can be easily isolated from one another, without stopping production.
An ASCO spokesperson could not be reached via phone, and the company did not return an email requesting additional information and clarifications.
One of the most important airplane parts manufacturers
ASCO is one of the world's most important supplier of airplane parts and parts designs. Some of the company's clients include the biggest names in the airline transportation and military sectors, such as Airbus, Boeing, Bombardier, and Lockheed Martin.
ASCO-made parts are used for the F-35 fighter jet, the Airbus A400M military aircraft, Airbus and Boeing commercial passenger jets, and Ariane space launch rockets, just to name a few.
The name of the ransomware strain that infected the company's Belgium plant was not made public.
Unlike aluminum producer Norsk Hydro, who was hit by a similar ransomware attack earlier this year and provided constant updates about the incident, ASCO has been very quiet about its dealings.
Ironically, despite announcing that the ransomware attack caused losses worth nearly $40 million, Norsk Hydro stock gained value during the ransomware recovery process because of the company's open and candid incident reporting.
It is unclear if ASCO has already paid the ransom to recover access to its systems, is restoring from backups, or buying new systems and rebuilding its computer network from scratch, like some other ransomed companies did in the past.
Related malware and cybercrime coverage:
- Ancient ICEFOG APT malware spotted again in new wave of attacks
- FIN8 hackers return after two years with attacks against hospitality sector
- Germany: Backdoor found in four smartphone models; 20,000 users infected
- Microsoft warns about email spam campaign abusing Office vulnerability
- 8 years later, the case against the Mariposa malware gang moves forward in the US
- Two hacking groups responsible for huge spike in hacked Magento 2.x stores
- The dark web is smaller, and may be less dangerous, than we think TechRepublic
- Game of Thrones has the most malware of any pirated TV show CNET