Advertisement

Ransomware attacks hit event-management, wireless technology firms

It's a reminder of a digital scourge that costs U.S. businesses many millions of dollars a year.
wireless industry show
Canada-based Sierra Wireless is one of the victims (Flickr/Sierra Wireless Developer Program (T Cantegrel).

A Washington, D.C.-area event-management firm and a Canadian wireless technology provider are dealing with separate ransomware incidents — a reminder of a digital scourge that costs U.S. businesses many millions of dollars a year.

The incidents come as the Department of Homeland Security has undertaken a new initiative, backed by $25 million in additional funding, to combat a steady stream of ransomware attacks.

Ransomware attackers encrypted the systems of the events firm, Spargo Inc., on March 14, according to a notification sent by the Armed Forces Communications and Electronics Association (AFCEA), a Spargo client. Law enforcement personnel are investigating the incident, which may have exposed the phone numbers and physical and email addresses of some people who have attended AFCEA events, according to the notification.

AFCEA hosts popular government and industry events that U.S. military officers regularly attend. The ransomware incident does not appear to have involved more sensitive information such as financial data or Social Security numbers, according to AFCEA.  

Advertisement

“As a result of the cyberattack, the majority of our servers and files were encrypted, and our backups were unusable,” Spargo said in a statement. “Utilizing a third-party investigation firm, we obtained a decryption key from the attackers and the decryption of our system is ongoing.” 

Spargo, which boasts over $100 million in “exhibit and sponsorship” revenue annually, said that the Sodinokibi ransomware was involved in the incident. That strain of ransomware emerged in 2019 and featured in a days-long disruption of currency exchange Travelex beginning that December.

Separately, Sierra Wireless, which makes modems and other communications gear, said Tuesday that a ransomware attack had forced the firm to halt production at its manufacturing plants. The incident is causing Sierra Wireless to revise its financial outlook for the first quarter of 2021, the firm said in a statement. The breach appears to be limited to the firm’s internal systems, which Sierra Wireless said it was working to restore.

Sierra Wireless reported $87.6 million in revenue from connected “internet-of-things” devices in the fourth quarter of 2020.

Ransomware victims accounted for 2,747 complaints filed to the FBI’s cybercrime center in 2020, totaling $29.1 million in adjusted losses. But that is likely a fraction of the actual impact as some organizations don’t report ransomware incidents.

Advertisement

Brandon Wales, the acting head of DHS’s Cybersecurity and Infrastructure Security Agency, said Monday that the economics of ransomware still favor the attacker. “We have not cracked the code,” Wales said. “The ransomware problem has not gone away and we need new thinking on it.”

UPDATE, 04:07 p.m. EDT: This story has been updated with a statement from Spargo Inc.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts