Aviation Equipment Major ASCO Victim of Ransomware Attack
The Belgian manufacturer of aeronautical equipment ASCO was forced to close its operations in Belgium, Germany, Canada and the United States after a ransomware attack at its Zaventem plant in Belgium.
ASCO is one of the world’s largest manufacturers of aeronautical equipment and provides high-end aeronautical equipment, such as lifting devices, mechanical assemblies and functional components, to various aviation giants such as Boeing. Airbus, Lockheed Martin, Bombardier Aerospace and Embraer.
The computer systems at the Zaventem plant in Belgium, which also serves as headquarters, were attacked last Friday by a ransomware attack, forcing the company to close its factories in Belgium, Germany, Canada and the United States to mitigate the impact of the attack.
ASCO employees sent on leave for an indefinite period
ASCO, acquired last year by the American company Spirit AeroSystems, also sent about 1,000 of its 1,400 employees to these factories due to an extended shutdown and was asked not to return to work until new order. However, the company’s non-production offices in France and Brazil are currently operational.
ASCO has not yet issued any official statement regarding the attack on ransomware, nor has it communicated the details of the ransom demand, that the company intends to respond to the complaint or that the infection has caused the loss of intellectual property secrets. However, the company told the Brussels Times that it had not yet detected any theft or loss of information.
Andrea Carcano, CPO of the co-founder of Nozomi Networks, warned that it was never advisable to pay ransom in these situations. “There is no guarantee that criminals will restore the systems. Organizations must prepare for this type of event and have a plan to limit the damage and the reputation of the brand.
The attack comes two months after the European Commission approved the acquisition of the company by Spirit Aerosystems, based in the United States. The acquisition in cash of SRIF, the parent company of the Belgian-based aircraft components manufacturer, for a total amount of $ 650 million (£ 512 million) was announced in May 2018
The first EU regulatory review was stopped in October 2018 when Spirit withdrew its first contract notice to the Commission due to regulatory concerns. The company resumed the regulatory process in February 2019 after informing the European Commission on 30th January.
There was no press release or announcement from both companies. The LinkedIn and Twitter accounts of both companies did not provide any confirmation or acknowledgment of the attack until the report was released.
The aeronautics industry has been the target of hackers recently. When an airline is purchased, the new owner is more likely to go with the legacy systems instead of integrating them and updating them completely. New airlines are better equipped and have control on their IT system.
In terms of ransomware, prevention is better than cure. Keep all your systems are up-to-date with the latest patches and that there are no security vulnerabilities or that can leave an organization exposed to attackers.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.