Production lines were canceled Tuesday at Subaru’s Lafayette plant due to ‘supplier issue.’ Meanwhile, FBI investigates ransomware attacks on Indiana companies
LAFAYETTE – Production shifts at Subaru of Indiana Automotive Inc., Greater Lafayette’s largest private employer, and Heartland Automotive, one of the Lafayette auto plant’s suppliers, resumed production Tuesday afternoon after canceling consecutive shifts earlier in the day and late Monday.
The reason for the lost shifts: “A supplier issue,” said Craig Koven, SIA spokesman.
Meanwhile, an FBI spokeswoman confirmed that the FBI Indianapolis Division was investigating cases of ransomware, in which attackers infect a computer system with malware that blocks its use until a ransom is paid.
“The FBI is aware of a ransomware attack and the significant impact that the attack has had on certain companies in the state of Indiana,” said Chris Bavender, spokeswoman with the FBI Indianapolis Division.
Whether the FBI investigation and the temporary plan shutdowns were directly connected was not immediately clear Tuesday, even after SIA and Heartland Automotive got back to work.
Asked about a possible connection, Bavender deferred. Bavender said Tuesday that due to the ongoing investigation, no other details would be released at that time.
DETOUR ALERT: Main Street closes near Columbian Park, will stay that way until Thanksgiving
PURDUE FOOTBALL: Purdue quarterback Elijah Sindelar suffers broken clavicle; Rondale Moore out against Penn State
Koven did not indicate what sort of supplier issue was causing problems at the SIA plant, where more than 5,600 employees produce close to 33,000 Subaru vehicles – including Outback, Legacy, Impreza and Ascent models – each month.
“In these situations, we typically do not disclose the name of the supplier or the issue,” Koven said.
Koven did say, though, that “the issue that caused SIA production to be temporarily suspended was at the supplier — not SIA.”
At Heartland Automotive, a Subaru supplier in southern Lafayette, shut down shifts Monday night and Tuesday morning. Production for 280 employees was on track for Tuesday afternoon, as well, Ritsuko Abrams, manager of administration for the company, said Tuesday afternoon. She said that “the supplier issue has made progress.”
She declined to elaborate about the issue that had affected Heartland Automotive because the company, with plants in Lafayette and Greencastle, did not “want any confusion out there.”
On Tuesday afternoon, Bavender declined to elaborate on the investigation as SIA and Heartland Automotive restarted production lines. As of Tuesday afternoon, she said the FBI wasn’t releasing more information.
Either way, the situation brought a conversation about defending against a spread of ransomware.
Baijian Yang, an associate professor of computer and information technology at Purdue, said ransomware gets into a computer system in the same ways older variations of malware did – through emailed attachments, code on websites and targeted attacks on networks. While viruses and worms once were meant as forms of sabotage, the rise of Bitcoin currency and Tor – an open-source software that allows for anonymous communication – offered a new goal for hackers.
“Now, what criminal minds want to do is they really want to get some economic benefits out of the bad behavior,” Yang said. “We’re seeing this happen over and over again, because all of a sudden they feel much safer to receive some sort of payment.”
Yang said ransomware hackers get bolder each time someone pays a ransom to unlock or retrieve their data. He said he discouraged people from paying, because it gives incentive for the next hacker to give it a shot. With a growing number of connected devices in homes – part of an Internet of Things movement – there will be a new generation of often poorly protected targets for hackers, Yang said.
“You basically have everything pointing to the direction that this kind of network attack absolutely will go up,” Yang said.
NEW STUDY: Purdue, IU get $840K challenge to study teaching ethics in big data era
VAPING CASE: Mom’s plea goes viral after vaping lands Purdue student in the hospital
On Tuesday, Emsisoft, a New Zealand company that markets anti-virus and anti-malware software, released a roundup titled, “State of Ransomware in the U.S.,” for the first nine months of 2019. The company collected reports of 621 ransomware attacks in the United States so far in 2019. That, the company noted, didn’t include private business that didn’t disclose an attack.
Among those, health care organizations accounted for 491 one of that ransomware demands. The reason, according to the report: “Cybercriminals understand that health care providers are often more inclined to pay the ransom as failure to do so may result in data loss that could potentially put lives at risk.” Also among the victims was the city of Baltimore, which was hit in May but refused to pay a demand of $76,000. The recovery costs, according to media accounts, have been an estimated in the millions of dollars.
Eugene Spafford, a computer science professor at Purdue, founded the university’s Center for Education and Research in Information Assurance and Security, or CERIAS.
Spafford said there’s a need for what he called “basic hygiene,” meaning proper setup, security and backup for software systems, whether in a business, a utility, a government agency or a home. He said the evidence is that too many networks are vulnerable to ransomware attacks, whether accidentally let in or part of a targeted efforts.
“We as a society need to invest in protection instead of hoping things don’t go bad,” Spafford said.
“When an organization has not architected for security gets something like this, it sweeps through everything and shuts them down and puts them in a very difficult circumstance,” Spafford said. “Which is, pay a very big ransom or go through a very painful reconstruction process. And that’s a tough call. Even if an organization pays a ransom, it’s not clear that they’ll get everything back. It’s like any other sort of extortion.”
Spafford’s advice: Organizations need to segregate their networks and systems to minimize the spread of malware if it does get in. He said they need good backups, kept offline so they’re safe and then tested on a regular basis to make sure they’re capable of reconstructing data in case of any emergency, whether it’s a cyberattack or some sort of natural disaster. Spafford recommended installing antivirus and anti-malware systems and then regularly maintaining them with the latest updates and patches. He suggested installing firewalls to protect all devices and systems. He also said that with any of those protections not to use default passwords or the same passwords for all systems and devices.
“These are all basic hygiene,” Spafford said. “But people need to take them more seriously as these sorts of things proliferate.”
As for who is doing it, Spafford said: “It’s unlikely we’ll know. They could be down the street. They could be halfway around the world.”
Reach Dave Bangert at 765-420-5258 or at dbangert@jconline.com. Follow on Twitter: @davebangert.
Read or Share this story: https://www.jconline.com/story/news/2019/10/01/subaru-cancels-shifts-lafayette-plant-unclear-if-tied-fbi-ransomware-investigation/3828321002/