Manufacturing

Who: Johnson Controls International, a multinational conglomerate specializing in industrial control systems and security equipment, fell victim to a ransomware attack by the Dark Angels ransomware gang in September 2023.

What: The cyberattack involved unauthorized access, data exfiltration, and ransomware deployment, leading to a data breach. The Dark Angels gang claimed to have stolen over 27 TB of confidential data and demanded a $51 million ransom.

How: The attack originated from the firm's Asia offices, spreading throughout the network and forcing a shutdown of IT infrastructure, impacting customer-facing systems. Johnson Controls confirmed expenses of $27 million for responding to and remediating the cyberattack. Despite the breach, the company believes unauthorized activity is contained, and digital products and services are available. Ongoing assessments may result in increased costs as data is analyzed with external cybersecurity experts.

Dark Angels ransom note in Johnson Controls cyberattack

High-severity flaws in Bosch BCC100 thermostats and Rexroth NXA015S-36V-B smart nutrunners expose potential code execution. Bosch addressed the BCC100 vulnerability (CVE-2023-49722) in November 2023, closing an open port used for unauthorized connections.

Rexroth faces over two dozen flaws allowing attackers to disrupt operations, tamper with configurations, or install ransomware. Patches expected by January 2024; users advised to limit network reachability.

Read the full article HERE

A cybersecurity incident will cost the Brunswick Corporation as much as $85 million, the company’s CEO told investors last week.

The billion-dollar boating manufacturing firm announced a cyberattack on June 13 that impacted their systems and some of their facilities. The company brought in nearly $6 billion in revenue in 2021 and operates in 24 countries.

Brunswick officials did not confirm that the incident was a ransomware attack but said they were forced to stop operations in some locations while experts and law enforcement dealt with the incident.

During the company’s earnings call last week, CEO Dave Foulkes told investors and board members that the attack had a devastating effect on the company’s Q2 financial outlook.

Foulkes explained that the “IT security incident” caused “second quarter financial results that were lower than initial expectations.” After announcing the incident, it took the company nine days to get back up and running…

I am regularly inundated with cybercrime reports, and they all have at least two data points in common: ransomware is one of the most popular attack types used by threat actors (read: cybercriminals), and the manufacturing industry is one of the most popular targets for ransomware attacks.

Verizon’s 2023 Data Breach Investigations Report (DBIR) contains a wealth of well-presented information including explainers for anyone interested in cybersecurity, and it validates these points. Ransomware was present in 15.5% of all cybercrime incidents included in the study, with only denial of service (DoS) attacks topping it on the list. And where an incident resulted in a successful breach, 24% of those breaches involved a ransomware attempt, second only to use of stolen credentials.

Manufacturing, according to the DBIR, saw the fourth-largest number of incidents behind the public administration, information and finance industries, in that order. And these cybercriminals don’t have political or…