By WSJ Staff
No sector or nation is untouched by ransomware attackers, Kevin Mandia, chief executive of cybersecurity firm FireEye Inc., said Wednesday.
"Pharmaceuticals, hospitals, healthcare, public companies, organizations that don't have the talent and skills to defend themselves -- they're getting sucker punched," Mr. Mandia said during the WSJ Pro Cybersecurity Executive Forum.
He added that hackers target public companies because they are more likely to pay a ransom rather than go public with the attack. Ransomware has become an intolerable situation, he said.
A ransomware attack on meat processor JBS SA is the latest incident showing how cyber hacks of major companies can ripple across the world. The meatpacker took a big chunk of U.S. beef-and-pork processing offline, sending buyers scrambling for alternatives and raising pressure on meat supplies.
The White House on Tuesday said the attack was part of a ransomware campaign by a criminal group that is likely based in Russia.
A May 7 ransomware attack on Colonial Pipeline Co. led to a six-day shutdown of the East Coast's largest conduit for fuel, sparking scrutiny of pipeline security and pushing the Department of Homeland Security to prepare to issue first-of-their-kind cybersecurity regulations for the sector.
Colonial paid a $4.4 million ransom to get code to unlock its data and systems but the decryption tool wasn't fully successful.
When industrial companies' technology systems are attacked, they may pause operations to prevent hackers from reaching tools that control physical systems, such as manufacturing machinery and pipeline sensors. This so-called operational technology is often customized for businesses, making it difficult to restore, and is central to their bottom lines, cybersecurity experts say.
A hack of such systems could snarl tools used to coordinate distribution or facilitate sales to customers, said Ron Brash, director of cybersecurity insights at cybersecurity firm Verve Industrial.
(MORE TO COME)
(END) Dow Jones Newswires