Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Forklift. Show all posts

Cyberattack Cripples Forklift Giant Crown Equipment's Production

 


In a recent report to the company's employees, Ohio-based Crown Equipment, which is one of the world's largest industrial and forklift truck manufacturers, confirmed that it had been attacked by a cybercriminal organization. After a cyberattack, the company has had to shut down its operating systems due to a cyberattack on one of its biggest forklift manufacturing companies. The Crown Equipment Group reported a cyberattack on Wednesday and is investigating the incident, announcing that the attack was the result of a successful social engineering attack against an unidentified “international cybercriminal organization. 

There have been suspicions at BornCity that this attack was the result of a social engineering attack against a Crown employee. However, no further details were provided regarding the nature of the incident by the company, except the fact that it was perpetrated by an international cybercriminal organization, leading some to believe the firm might have been the victim of a ransomware attack. As part of the investigation into the cyberattack, the Federal Bureau of Investigation has also been engaged. 

In addition to the incident catching the attention of the Information Technology (IT) community, Chief Executive Officer Bryan Hornung of Xact IT and Cybersecurity has been involved in the attack as well. Since he started Xact IT and Cybersecurity twenty years ago, Hornung has spent twenty-five years in the industry. One of the largest forklift manufacturers in the world, Crown employs 19,600 people across 24 production plants situated in 14 locations around the world. Crown is a company with more than 20 years of experience.  

Approximately six days ago, Crown employees started reporting that the company had been compromised and that all IT systems had been shut down. Employees were advised that they should not accept MFA requests or be wary of phishing emails and to stop accepting MFA requests. The company has been experiencing problems with its IT systems, causing employees to not be able to clock in their hours, access service manuals, or, in some cases, deliver machinery. Initially, employees were told that if they wanted to get paid for those days they missed, they would have to file for unemployment or use their banked paid time off (PTO) and vacation days. 

In an attempt to rectify this, BleepingComputer was informed that employees would be given their regular salaries in advance as a way of making up for the unused hours. Earlier today, Crown was forced to publicly confirm its involvement in the cyberattack for the first time, saying that its ongoing security measures had a direct impact on limiting the damage caused by the cyberattack. According to the company, it is still working on recovering from the disruption caused by the attack and is still making progress towards returning to normal business operations. 

Additionally, Crown is working closely with its customers to reduce the impact of the incident on their businesses," according to a statement released by the company. While manufacturing continues to be disrupted, the company is slowly resuming operations. However, systems are gradually coming online again. As of right now, Crown has not been able to provide any information on what type of cyberattack they suffered, but they have acknowledged that the incident was likely caused by an "international cybercriminal organization," which would indicate that the company was targeted by ransomware. 

There are unfortunately several dangers associated with the use of ransomware in the computing industry, one of which is that it can also expose corporate data as a result of the cyber attack if it is not paid a ransom. The company has not acknowledged reports of a ransomware attack. But rumours have it that it was caused by ransomware. In the end, it remains to be seen exactly the extent of the compromise: it is possible that it was limited, and that the disruption was mainly caused by Crown's quick response to cut off the network before the malware had a chance to infect the system. 

As an alternative explanation, one may also be able to attribute the long recovery time to the fact that systems have been cleaned before re-installing them and that the backups are not encrypted, rather than having been encrypted from the start. While this is going on, it's quite evident that the reputation of the company with its employees has been damaged, since the employees have been left hanging for days without any or an inadequate explanation as to what exactly their paychecks would look like in consequence of this downtime. In addition to the manufacturing stoppage having an impact on the company's profits, it will also have an impact on businesses that are dependent on Crown becoming fully operational to do their work daily.