Aviation major ASCO suffers ransomware attack, shuts operations
13 June 2019
Belgian aircraft equipment manufacturer ASCO was forced to shut down operations in Belgium, Germany, Canada, and the US after a ransomware attack crippled IT systems at its manufacturing plant in Zaventem, Belgium.
ASCO is among the world’s largest aircraft equipment manufacturers and supplies high-end aircraft equipment such as high lift devices, mechanical assemblies, and functional components to several global aviation giants such as Boeing, Airbus, Lockheed Martin, Bombardier Aerospace, and Embraer.
IT systems at the company’s manufacturing plant in Zaventem, Belgium, which also serves as its headquarters, were reportedly targeted by a ransomware attack last Friday, forcing the company to shut down its factories located in Belgium, Germany, Canada, and the US in order to mitigate the impact of the infection.
ASCO employees sent on indefinite leave
ASCO, which was taken over by US firm Spirit AeroSystems last year, also sent around 1,000 of its 1,400 employees at the said factories home due to the prolonged shutdown and they have been asked not to report back to work until further notice. However, the company’s non-production offices in France and Brazil are, at present, operational.
ASCO has not made any official statement about the ransomware attack so far, nor has it shared any details about the ransom demanded, whether the company intends to honour the demand, or whether the infection has led to loss of intellectual property secrets. However, the company told The Brussels Times that it has not detected any theft or loss of information so far.
“Ransomware continues to be a growing risk for many companies and once inside a network, unless there are controls in place to prevent the spread, it can take hold of the entire infrastructure rapidly,” said Javvad Malik, security awareness advocate at KnowBe4.
“It’s worth remembering that in most cases, the initial infection is through a phishing or spearphishing email, therefore it is important to train users and make them aware of the risks, so they can make better-informed decisions, and also escalate any potential issues where they may arise,” he added.
Earlier this year, a similar ransomware attack struck Norsk Hydro, one of the largest aluminium companies worldwide, forcing the company to switch to manual operations and take urgent steps to contain and neutralise the cyber attack.
NorCERT (Norway’s National Cyber Security Centre) later confirmed that Norsk Hydro had suffered a LockerGoga ransomware attack whcih was combined with an attack n Active Directory (AD).
“The attack has impacted operations in several of the company’s business areas globally. IT systems in most business areas are impacted and Hydro is switching to manual operations where possible. Hydro’s power plants are running normally on isolated IT systems,” said Norsk Hydro.