Embraer, a Brazilian manufacturer of aircraft, has disclosed that hackers managed to breach its computer systems, and steal data.
Although Embraer may not be a household name, it is the world’s third-largest producer of civil aircraft (after Boeing and Airbus), having delivered more than 8,000 aeroplanes to date.
According to a press release issued by the firm, Embraer spotted it was being attacked on November 25 2020, which resulted in “a single environment of the company’s files” being left inaccessible.
The company says that upon discovering the security breach it immediately initiated procedures to protect the rest of its network infrastructure, isolating other systems proactively which resulted in some of its normal business operations being disrupted.
According to local media reports, Embraer employees working remotely from home have found it difficult to access the company’s systems since the attack occurred.
Although it doesn’t confirm as much in its press release, from the sound of things Embraer should be considered the latest in a long line of corporations to have suffered a ransomware attack.
Indeed, anonymous sources familiar with the security breach say that the company has received a ransom note, demanding payment in cryptocurrency for a decryption key and the promise that stolen data will not be published on the internet.
Obviously the ideal scenario is for companies to prevent hackers from activating ransomware on its systems in the first place, but if Embraer is accurate in saying that it managed to limit the amount of data that was compromised and did successfully isolate other systems from being affected then that is something that should be cheered.
Also, the company should be applauded for its reasonably rapid disclosure of the incident. The attack occurred on November 25th, and a press release issued on November 30th.
No doubt that timeline was speeded up by the hackers’ disclosure of some of the stolen data and Brazilian legislation which requires companies to disclose security breaches in a speedy fashion, but compare that to some other organisations which have taken many months to confirm that they have suffered a cyber attack.
Don’t just cross your fingers and hope that ransomware never hits your company. Take action now to reduce the chances of becoming the next victim.
All organisations would be wise to follow these 30 tips on how to prevent a ransomware attack.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.