Johnson Controls International recently reported a significant ransomware attack that has targeted its infrastructure. This disclosure was made public in a regulatory submission on September 27, 2023.
The filing reveals that a part of the company's internal IT infrastructure and applications were compromised. Although Johnson Controls has already implemented measures to counteract the affected systems and emphasizes that many systems remained untouched, there is anticipation that certain operations will still face disruptions.
Johnson Controls mentioned in the document, “We are currently evaluating the potential implications of this incident on the timely publication of our fourth quarter and overall fiscal year outcomes, and its potential financial repercussions.”
An article by Bleeping Computer, citing an unnamed insider, suggests the attack was initiated from a breach in Johnson Control’s Asian branches. The publication mentions that the attackers, identified as the Dark Angels ransomware group, are demanding $51 million as ransom for the alleged 27 TB of company data they hold, in addition to the encryption of the firm's systems.
In their official statement, Johnson Controls said, “We are diligently analyzing the scope of the compromised data and have initiated our incident response strategy. This involves implementing appropriate remedial measures to minimize the breach's effects, and we are poised to undertake further necessary actions.”
Suggestions for Customers of Johnson Controls Following the Ransomware Attack:
In light of the recent ransomware attack on Johnson Controls International, customers are advised to take precautionary measures to safeguard their data, operations, and assets. Here are some recommended steps:
- Stay Informed: Regularly check Johnson Controls' official channels (website, social media) and reputable news sources for updates on the situation.
- Change Passwords: Even if not directly affected, it's a prudent step to change passwords associated with Johnson Controls' services, especially if you use the same passwords across multiple platforms.
- Monitor Network Traffic: Be vigilant about any unusual activity or spikes in network traffic, as these could indicate unauthorized access or data breaches.
- Backup Important Data: Ensure you have recent backups of any critical data associated with Johnson Controls' products or services. Store these backups in a secure, offline environment.
- Check for Updates: Regularly update any software or firmware associated with Johnson Controls' products. Updates might include patches for vulnerabilities that the attackers exploited.
- Be Cautious of Phishing Attempts: Cybercriminals often exploit such incidents to launch phishing campaigns. Be wary of any emails, messages, or calls that claim to be from Johnson Controls and request personal information, payment, or direct you to external links.
- Engage Your IT Team: If you have an in-house IT or cybersecurity team, engage them to assess any potential vulnerabilities or breaches in your systems linked to Johnson Controls.
- Limit System Access: Temporarily restrict access to systems associated with Johnson Controls until the full scope and implications of the breach are known.
- Contact Johnson Controls: Reach out to your Johnson Controls representative or their customer support to clarify any concerns, understand any specific actions they recommend, or get updates on the incident.
- Stay Prepared: Consider this a wake-up call, not just for Johnson Controls related assets, but for all digital aspects of your business. Review and update your cybersecurity protocols and emergency response plans.