Furniture Giant Steelcase Hit by Suspected Ransomware Attack

A multibillion-dollar furniture maker has become the latest big name apparently hit by a major ransomware attack.

Steelcase, the world’s largest maker of office furniture, revealed the attack in a filing with the Securities and Exchange Commission (SEC).

The firm claimed to have detected a cyber-attack on its IT systems last Thursday, October 22.

“The company promptly implemented a series of containment measures to address this situation including temporarily shutting down the affected systems and related operations,” it continued. “The company is actively engaged in restoring the affected systems and returning to normal levels of operations.”

At this stage it’s unclear which variant was responsible for the attack, although Steelcase said it is not aware of any data being stolen from its systems “or any other loss of assets as a result of this attack.

“Although cyber-attacks can be unpredictable, the company does not currently expect this incident will have a material impact on its business operations or its financial results,” it added.

That puts it in stark contrast with many recent victims of ransomware, which have suffered major financial losses as a result. IT services giant Cognizant, for example, claimed in May that an attack a month earlier may end up costing it $70m in Q2 2020 alone.

Steelcase certainly fits the bill as a target for “big game hunting” ransomware groups like Ryuk, Maze and REvil. The Grand Rapids-headquartered business made $3.7bn in revenue for fiscal 2020 and has nearly 13,000 employees, which means plenty of endpoints and users to target.

Compromised RDP endpoints and phishing emails are still the top threat vectors for such groups, with a brisk dark web trade in stolen and brute-forced RDP credentials ensuring a steady supply of targets.

The Steelcase attack came in the same week that French IT services giant Sopra Steria fell victim to what it claimed to be a new variant of the prolific Ryuk family.

What’s Hot on Infosecurity Magazine?