It may be hard to see someone intentionally targeting your firm. However, ransomware is real. And it is not going away. If anything, the trend of targeting manufacturers is intensifying.
The latest known target? Luxottica, the world’s largest eyewear manufacturer. The company has confirmed that it suffered a ransomware attack that forced the company to shut down operations. Italian media reported that operations at Luxottica plants in Agordo and Sedico were disrupted due to a significant computer system failure, and employees were sent home. Also affected were Luxottica portals and company-owned brands including Ray-Ban, Sunglass Hut, LensCrafters, EyeMed, and Pearle Vision – all of which were forced into temporarily limbo.
The apparent ransomware attack against Luxottica is more concerning for the likely infection vector rather than the payload. The Citrix vulnerability (CVE-2019029781) that was most likely leveraged to access Luxottica's environment was discovered in late 2019 and patched early in 2020. It should have been patched by now, which would have protected Luxottica if this was in fact the vector," Saryu Nayyar, CEO of Gurucul tells IndustryWeek. "Ransomware can be intrusive and do a lot of damage quickly. "The best case would be to keep it out of the environment in the first place, but when it does get in, the organization needs a solid business continuity plan that will let them recover quickly and get back into service with a minimum of down time."
Nayyar's advice to manufacturers is to review the organization's information security stack and business continuity plans and update as needed. "They need to make sure they have tools in place such as behavioral analytics that can quickly identify and mitigate attacks before they can do serious damage," she says. "Cybercriminals operate as a business. They have professional coders following established software development cycles, and the bottom line is that organizations need to be better at defense than the criminals are at attack."