Two U.S. industrial chemical manufacturers, Hexion and Momentive, have reportedly been hit a ransomware attack which blocked access to IT systems and data. The companies make resins, silicones, and other industrial materials.
An internal email from Momentive’s CEO Jack Boss seen by media refers to a “global IT outage” that required the companies to deploy “SWAT teams” to contain the infection. Meanwhile, Hexion has announced in a press release that it was working to resume normal operations “in response to a recent network security incident.”
There are suggestions that the attack hit “hundreds of [Momentive’s] new computers,” resulting in significant data loss. Neither company have commented on the incidents publicly.
Reports suggest that the companies’ networks were infected by LockerGaga ransomware, the same ransomware that forced aluminium manufacturer Norsk Hydro to shut down its worldwide network just a week earlier.
An unnamed FireEye employee has reportedly revealed that they’ve dealt with multiple LockerGoga attacks on other industrial and manufacturing targets they declined to name, which would put the total number of victims in that sector at five or more.
If you become infected with ransomware, the National Crime Agency encourages industry and the public not to pay the ransom.
Using a Magento platform? Patch your site
Magento, a popular content management system (CMS), has released new version of its software addressing a number of security vulnerabilities.
37 new vulnerabilities have been discovered that affect platforms. Customers affected by e-commerce platforms successfully breached by these vulnerabilities will be contacted by the relevant companies.
Advice for any online e-commerce businesses using the platform is to upgrade to the latest patched versions as soon as possible. Security updates should always be applied as soon as possible to help mitigate against vulnerabilities such as these.
By patching the platforms, businesses can help defend against hackers exploiting the flaws which can compromise websites and cause the potential theft of customer’s payment card details.
Reports suggest that most of the issues could only be exploited by authenticated users, but one serious flaw was an SQL Injection vulnerability which could be exploited by unauthenticated, remote attackers.