The Intershop Meat Plant in Delano, GA was shut down over the weekend when the control system at the plant was hit by a ransomware attack. The facility was hit with the WannaControl ransomware that specifically targets industrial control systems made by the Robotron Company.
Immanuel C. Securitage, spokesperson for ECS-CERT told reporters this morning that that the company’s control systems at the Delano facility were locked out on Saturday morning as the first shift started work. After briefly trying to operate the facility’s chicken deboning production line manually, management sent the shift home early and announced that it would let workers know when they should return to the plant.
Horst Sinderman, the facility manager, told reporters that the company would not be meeting the ransom demand. “We have been having a hard-enough time keeping the facility open during the COVID-19 pandemic,” he said: “The increased cleaning costs and other COVID prevention measures have already cut deeply into our profit margin. There is no money available to pay for the demanded 1,000-bitcoin ransom demanded by Trabajo Se Unen, a previously unidentified malware group.
A tweet by TrabajoSeUnen that was quickly taken down on TWITTER® said: “We have struck down Intershop to take care of our sick brothers and sisters and their families.”
When Sinderman was asked about the tweet he acknowledged that over three hundred employees have contacted COVID-19. “Our company has covered the medical bills for all of the sick employees,” he said; “And we continued the employees pay checks during their recovery at half-pay even though we believe that most of the infections came from exposures outside of the facility.”
Dade Murphy, CTO of Dragonfire Cyber, said that his company has long thought that the WannaControl malware was the work of Stasi Ehemalige, the German hacking collective. “They have a long history of penetration of Robotron,” he told this reporter; “There are many coding similarities between WannaControl and other malware that affects Robotron products. We also suspect that they have organizational roots that trace back to European radical groups that were financed by the East Germans during the Cold War.”
Johnathan Quest, spokesperson for the Federal Bureau of Inquiry, told reporters that information gleamed from the dark web indicated that the authors of WannaControl have recently started to advertise cut-rate sales of their ransomware to radical labor activists in Europe and the United States. “According to some dialogs that we have intercepted, the WannaControl ‘sales team’ is recommending that ransomware attacks be used to punish companies that fail to properly take care of their employees during the COVID-19 pandemic,” Quest explained; “They are apparently selling the use of the malware for such attacks at a reduced rate. In at least one case the use was sold for 10% of the normal price.”
Vicente Lombardo Toledano, the President of Amalgamated Meat Cutters Local 1936 (AMC 1936), said that closing the plant was not in the best interest of the employees. “Our people are not going to get paid for sitting home waiting for the company to resolve this problem,” he told reporters at the local union hall; “Any claim that our union or our members had anything to do with this ransomware attack is completely unfounded and untrue.”
No comments:
Post a Comment