Tech Manufacturer Data I/O Struck by Ransomware Attack
▼ Summary
– Data I/O, a manufacturer of Flash-based device solutions, experienced a ransomware incident on August 16 that forced it to take systems offline and temporarily disrupt operations.
– The company is working to restore affected systems but does not yet know the timeline for full restoration or the full scope and impact of the incident.
– While the incident currently appears not to have a material operational impact, expected costs for recovery are likely to materially affect the company’s finances.
– An expert warned that such attacks on manufacturers can significantly disrupt supply chains, especially given Data I/O’s high-profile customers like Tesla and Microsoft.
– Manufacturers are frequent ransomware targets due to their low tolerance for downtime and sensitive intellectual property, with industry downtime costs estimated at $17 billion since 2018.
A major technology manufacturer specializing in data and security programming is currently working to recover its systems following a disruptive ransomware attack, as detailed in a recent regulatory disclosure. The incident has temporarily halted several critical operations, raising concerns about supply chain dependencies and cybersecurity readiness within the industrial sector.
Data I/O, a U.S.-based firm that supplies Flash-based solutions for automotive, medical, consumer electronics, and industrial control applications, reported the cyberattack in an SEC filing. The breach occurred on August 16, prompting the company to take multiple platforms offline and enact immediate countermeasures to contain the threat.
In its statement, the manufacturer acknowledged that the attack has disrupted internal and external communications, shipping, receiving, manufacturing production, and other essential support functions. Although some operations have been partially restored using contingency plans, the company has not provided a definitive timeline for full recovery. An ongoing investigation means the complete scope and impact of the incident remain uncertain.
While Data I/O initially suggested the event did not cause significant operational damage, it admitted that related expenses, such as fees for cybersecurity contractors and recovery efforts, could still materially affect its financial standing. So far, there has been no confirmation of data theft, though the possibility has not been ruled out.
Industry experts emphasize the broader implications of such attacks. Pete Luban, Field CISO at AttackIQ, pointed out that manufacturers like Data I/O play a crucial role in global supply chains, serving high-profile clients including Tesla, Panasonic, Amazon, Google, and Microsoft. Luban urged other manufacturers to adopt proactive security strategies, such as adversarial emulation, to test defenses against common ransomware tactics before attacks can cripple vital infrastructure.
Manufacturing firms are frequently targeted by ransomware groups due to their low downtime tolerance and the valuable intellectual property they handle. A recent industry report highlighted that ransomware-related downtime has cost the manufacturing sector an estimated $17 billion since 2018, underscoring the critical need for robust cybersecurity measures.
(Source: Info Security)
