Ransomware attack shuts down Sierra Wireless IoT maker

Sierra Wireless, a world-leading IoT (Internet of Things) solutions provider, today disclosed a ransomware attack that forced it to halt production at all manufacturing sites.

The Canadian multinational headquartered in Richmond, British Columbia, has more than 1,300 employees worldwide, develops communication equipment, and has research and development centers in North America, Europe, and Asia.

Its products (including wireless modems, routers, and gateways) sold directly to OEMs are used by various industries, including automotive and transportation, energy, healthcare, industrial and infrastructure, computing, networking, and security.

Manufacturing plants shut down after attack

The ransomware attack hit Sierra Wireless' internal network over the weekend, on March 20. The company says that the attack did not impact any customer-facing services or products.

"At this time, Sierra Wireless believes the impact of the attack was limited to Sierra Wireless systems, as the company maintains a clear separation between its internal IT systems and customer facing products and services," the company said in a press release published today.

Following the attack, the company also had to shut down manufacturing plants worldwide, and it expects to resume production and operations soon.

"The company's website and other internal operations have also been disrupted by the attack," the IoT maker added.

Sierra Wireless's website is currently displaying a "site is under maintenance message."

Once the company learned of the attack, its IT and operations teams immediately implemented measures to counter the attack in accordance with established cybersecurity procedures and policies that were developed in collaboration with third-party advisors. These teams, with the assistance of these and additional third-party advisors, believe they have addressed the attack, and are currently working to bring Sierra Wireless’ internal IT systems back online. — Sierra Wireless

Sierra Wireless also withdrew the First Quarter 2021 guidance the company provided last month, on February 23.

The company did not provide any info on what ransomware operation was behind the attack or if they stole documents from compromised systems before encrypting them.

"Beyond notifying the third-party advisors, our customers and others impacted by the attack, we do not share our protocols for dealing with any ransomware attacks as this is considered highly sensitive and confidential," a Sierra Wireless spokesperson told BleepingComputer when contacted earlier today.