Steelcase office furniture giant hit by Ryuk ransomware attack

Office furniture company Steelcase was hit by Ryuk ransomware attack that forced it to shut down its network to avoid the malware from spreading.

Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries. It is the largest office furniture manufacturer in the world. It has facilities, offices, and factories in the Americas, Europe, Asia, the Middle East, Australia and Africa.

Steelcase has 13,000 employees and $3.7 billion in 2020. The company is the last victim of the Ryuk ransomware operators, the attack forced the firm to shut down its network to avoid the malware from spreading.

In an 8-K form filed with the Securities and Exchange Commission (SEC), the company has disclosed the ransomware attack that took place on October 22nd, 2020.

“On October 22, 2020, Steelcase Inc. (the “Company”) detected a cyberattack on its information technology systems. The Company promptly implemented a series of containment measures to address this situation including temporarily shutting down the affected systems and related operations.” reads the 8-K form.

The company immediately started the incident response procedure in an attempt to restore the affected systems and return to normal operations as soon as possible. The company is not aware of data loss caused by the ransomware attack.

Bleeping Computer, citing a source in the cybersecurity industry, confirmed that Steelcase suffered a Ryuk ransomware attack.

“At this time, the Company is not aware of any data loss from its systems or any other loss of assets as a result of this attack. Although cyberattacks can be unpredictable, the Company does not currently expect this incident will have a material impact on its business operations or its financial results.” continues the form.

Ryuk ransomware operators were very active during the recent weeks, recently the gang infected systems at the Universal Health Services and French IT outsourcer Sopra Steria.

In March, the City of Durham shut down its network after Ryuk Ransomware attack.

A few days before, EVRAZ, one of the world’s largest multinational vertically integrated steel making and mining companies, has been hit by the Ryuk ransomware.

The list of the victims of the Ryuk ransomware is very long and includes the US government contractor Electronic Warfare Associates (EWA), US railroad company Railworks, Croatian petrol station chain INA Group, and parts manufacturer Visser Precision.

Threat actors behind Ryuk attacks often used the BazarLoader or TrickBot infections to gain a foothold in the target networks and then deploy Ryuk.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Steelcase)

[adrotate banner=”5″]

[adrotate banner=”13″]