July 1st – In June, one of the world’s largest forklift manufacturers, the Crown Equipment Corporation, was hit with a cyber attack that has resulted in multi-week operational disruptions.
As the incident unfolded, employees were left in the dark. The company has 19,000 employees across 24 manufacturing plants in 14 locations, worldwide. Employees were told not to come into work and to instead apply for unemployment benefits.
The opacity around the issue was intended to prevent cyber threat actors, who were already in systems, from realizing that they had been noticed. Later, Crown told employees that they would receive advanced pay and could make up for lost hours once systems were restored.
What happened
Crown has stated that this cyber attack occurred due to a social engineering incident. The social engineering of an employee ultimately led to unauthorized computer/device access, and the installation of remote access software.
Although Crown has not confirmed whether or not the incident occurred due to a malicious insider, in press releases, the company noted the unwieldy variable that is human error when it comes to cyber security.
Cyber solutions
Cyber security experts have commented on the fact that this incident highlights the value of zero trust solutions. Zero trust solutions not only provide identity-based authentication for the network, but also offer protection for mobile devices and tablets. Non-traditional compute devices are extremely vulnerable to threats and require as much protection as the network.
Have you implemented zero trust? For more insights into zero trust solutions, please see CyberTalk.org’s past coverage. Lastly, to receive cyber security thought leadership articles, groundbreaking research and emerging threat analyses each week, subscribe to the CyberTalk.org newsletter.