Ransomware paralyzed production for at least a week at ASCO factories

Malware infections could be devastating for production environments, a ransomware infection halts production operations for days at airplane parts manufacturer ASCO.

ASCO, is of the world’s largest manufacturers of aerospace components

The company has offices and production plants in Belgium, Canada, Germany the US, Brasil, and France. ASCO provides components to Airbus, Boeing, Bombardier Aerospace, and Lockheed Martin.

A ransomware attack has paralyzed the production in ASCO plants across several countries worldwide. The attack reportedly started on Friday and at the time of writing the current extent of the internal damage is still unknown.

After the incident, nearly 1,000 employees out of 1400 were sent home for the entire week, on paid leave.

As a result of having IT systems crippled by the ransomware infection, the company has sent home approximately 1,000 of its 1,400 workers.

“Employees of the Asco company in Zaventem are technically unemployed for a few days because the company’s servers have been hacked. The company confirms that it has been hit by a cyber attack since Friday. A complaint has been submitted to the police.” states VRT (Flemish Radio and Television Broadcasting Organisation). “The public prosecutor says there are traces of “ransomware” found on the computers, with hackers asking ransom to re-release the blocked computers.“

The company reported the incident to the local authorities and hired third-party experts to investigate the attack.

“We have informed all competent authorities in this area of ​​this cyber attack and have brought in external experts to solve the problem,” says HR director Vicky Welvaert. “We are currently working on it with all our might.” Welvaert does not want to comment on whether the problem is now under control or from when the business activities will be restarted.

According to the media, the ransomware first hit the Zaventem plant in Belgium, but immediately after ASCO also shut down for precaution production factories in Germany, Canada, and the US.

At the time is not clear if the company decided to pay the ransom to restore its systems rapidly or simply restore its backups.

Despite ASCO should be a privileged target for cyber spies, its representatives told The Brussels Times that there is currently no evidence of theft of information.

“The company also notified the authorities, and told the paper there is currently no evidence of the theft of information, but that it is taking the situation very seriously.” reported The Brussels Times.

“Although ransomware attacks are usually only about money, a company like Asco, which has connections in the defence sector, could also be a targe”

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – ASCO, ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]