1,000 of 1,400 employees were sent home and all manufacturing halted as Belgian company ASCO Industries, a key leader in manufacturing components for both civilian and military planes, fell victim to a ransomware attack on June 7.
One week later, ASCO describes the incident as a "large-scale ransomware attack". It's important to note that the attack came two months after the European Commission approved the acquisition of the company by US-based Spirit Aerosystems.
As ASCO Industries manufactures airplane parts for Airbus, Boeing, Bombardier Aerospace, Lockheed Martin and the new F-35 fighter plane, the impact has been felt around the world.
The company has plants in Belgium, Germany, Canada and the US, as well as office representation in Brazil and France. A week later, the plants are still closed and an investigation by external experts seeks to determine the actual damage caused. The infection occurred at the production plant in Belgium, but the plants in the rest of the locations were shut down as a precaution to prevent the ransomware from spreading across the entire network.
ASCO hopes to restore operations this week, saying that it has “installed several work streams to allow a safe and secure restoration of our systems in the different sites”, later adding that the organization is “gradually rolling out our business continuity strategy to restore operations”.
Over the past week, it seems that ASCO may have been missing core security controls that could've more quickly enabled the company to recover from ransomware attacks and other IT system failures.
This convergence of IT with OT networks offers substantial benefits but is also provides a greater opportunity to impact the bottom line of the business and safety of operations and employees, as we've seen with the safety tampering Triconex malware.
The fact that ASCO had to halt operations in four countries for over a week is especially devastating.
If you're operating a manufacturing company and haven't conducted a recent audit of your controls, please reach out. Before a major incident is the best time to have these discussions.