Ransomware Infection Impacts WestRock IT and OT Networks

Summary

On January 23, 2021, WestRock – a billion-dollar American packing company – detected a ransomware infection on both their information technology (IT) and operational technology (OT) systems. In an update on January 26, the company stated that its security teams continue to remediate and recover from the ransomware incident, and have largely been able to continue to deliver for its customers. This incident highlights a number of concerns related to ransomware infections. Incidents at companies involved in the supply chain can have significant impacts across multiple companies and sectors. Additionally, as more companies integrate networked systems to their operational technology environments, safeguards are often not put in place to prevent malware infections from crossing between IT and OT networks. If the OT environments of critical infrastructure organizations are targeted, these could have significant consequences for its customers, and even threaten public health and safety.

Recommendations

The NJCCIC advises organizations to take proactive measures to increase their networks’ resiliency by implementing cybersecurity best practices, including layered defenses, following the principle of least privilege, establishing a comprehensive data backup plan, and requiring multi-factor authentication. The NJCCIC details recommendations to defend against ransomware infections in the Ransomware: Risk Mitigation Strategies guide.