Atlanta-based packaging giant WestRock (NYSE: WRK) on Friday shared an update on the recent ransomware incident that impacted the company’s information technology (IT) and operational technology (OT) systems.
The company has been investigating the incident while working on restoring impacted systems. The response process has involved proactively shutting down certain systems and enhancing cybersecurity measures.
The incident has impacted production, but WestRock says its operations are nearly back to normal. Some tasks are being performed manually by staff until all systems are restored.
“The Company’s mill system production through February 4 was approximately 85,000 tons lower than plan,” the company said in a press release on Friday.
To put that in perspective, WestRock’s annual report for 2020 says its corrugated packaging mills had an annual production capacity of nearly 12 million tons, while its consumer packaging mills had a production capacity of nearly 4 million tons.
The company has not shared any information about the attack itself and the ransomware that was used.
WestRock said it continues to assess the overall operational and financial impact of the incident, but noted that it does have cyber insurance.
“The Company maintains a variety of insurance policies, including cyber insurance and business interruption insurance. There may be a time lag between the initial incurrence of costs and the receipt of any insurance proceeds as the Company’s operations return to normal,” WestRock said.
The company’s stock fell by roughly 4 percent after news of the breach broke, and it has yet to recover.
This was not the only recently disclosed ransomware attack that had an impact on not only IT systems, but also OT systems. Trucking giant Forward Air, which suffered a ransomware attack that hit OT and IT systems in December 2020, estimated this week that the incident would have an impact of $7.5 million.
Related: Metro Vancouver Transportation Agency TransLink Hit by Ransomware
Related: Industrial Control Systems Ripe Targets for Ransomware Attacks
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Exploitation of 55 Zero-Day Vulnerabilities Came to Light in 2022: Mandiant
- Organizations Notified of Remotely Exploitable Vulnerabilities in Aveva HMI, SCADA Products
- Waterfall Security, TXOne Networks Launch New OT Security Appliances
- Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm
- New York Man Arrested for Running BreachForums Cybercrime Website
- Exploitation of Recent Fortinet Zero-Day Linked to Chinese Cyberspies
- Mozilla Patches High-Severity Vulnerabilities With Release of Firefox 111
- Microsoft: 17 European Nations Targeted by Russia in 2023 as Espionage Ramping Up
Latest News
- Google Suspends Chinese Shopping App Amid Security Concerns
- Verosint Launches Account Fraud Detection and Prevention Platform
- Ransomware Gang Publishes Data Allegedly Stolen From Maritime Firm Royal Dirkzwager
- Zoom Paid Out $3.9 Million in Bug Bounties in 2022
- Oleria Scores $8M Seed Funding for ID Authentication Technology
- Exploitation of 55 Zero-Day Vulnerabilities Came to Light in 2022: Mandiant
- News Analysis: UK Commits $3 Billion to Support National Quantum Strategy
- Malicious NuGet Packages Used to Target .NET Developers
