British manufacturing company Morgan Advanced Materials has been hit by a cyberattack. The company said some of its servers were taken offline to contain the attack, leading to limited email service and other network restrictions. But very little information has been published about the extent of the breach, a decision which one analyst says could prove to be a mistake as it may lead to more anxiety for customers and suppliers.
The exact nature of the attack hasn’t been revealed but it is described as a “data security incident” which was spotted on Sunday. A third-party company was brought in to carry out forensic analysis of the network to better understand the nature of the attack and help prevent further damage to the network.
Regulators and law enforcement have been informed of the incident and the company says it is working to remediate the attack, including taking a limited number of servers offline in an “abundance of caution”, restoring them once the investigation confirms it is safe to do so.
Customers and suppliers are being contacted by company representatives to manually process existing and upcoming orders. A statement from Morgan Advanced Materials to its clients said: “we appreciate your patience whilst we are working hard to resolve this issue and minimise disruption to our valued customers.”
Data regulator the Information Commissioner’s Office said it has not been informed of the incident. An ICO spokesperson said: “Organisations must notify the ICO within 72 hours of becoming aware of a personal data breach, unless it does not pose a risk to people’s rights and freedoms.
“If an organisation decides that a breach doesn’t need to be reported they should keep their own record of it, and be able to explain why it wasn’t reported if necessary. All organisations using personal data should do so safely and securely. If anyone has concerns about how their data has been handled, they can report these concerns to us.”
Morgan Advanced Materials cyberattack: company has been bolstering its defences
Morgan is two years into a three-year security programme that includes introducing multi-factor authentication and staff training on monitoring for cyberattack risks. This includes strengthening an internal ‘thinkSECURE’ brand through a staff awareness programme.
The company manufactures specialist products using carbon, advanced ceramics and composites and operates across 30 countries. Listed on the London Stock Exchange, the FTSE 250 business was founded in 1856 and has a long history with computing, becoming one of the first in the UK to computerise its financial records in 1954. It posted revenue of £950m for the 2021 financial year, and employs 7,800 people.
In its last annual report, the company says of its cybersecurity strategy: “Residual and emerging risks will be mitigated through continuation of the company’s IT strategy and information security programme, including ‘thinkSECURE’ and implementation of the related cybersecurity projects.”
Jake Moore, global security advisor at ESET, told Tech Monitor that a lack of information during a cyberattack can lead to bigger problems for companies than disclosing as much as is safe to do so. “Companies often try to hide on the quiet side when releasing details of a cyberattack but scant information can sometimes lead to bigger problems later on internally and externally,” Moore says.
“What potentially could be a ransomware attack coupled with a data breach, it is clear that problems are affecting their systems and data. Customers and suppliers will no doubt be anxious about any sensitive data that could be at risk but as usual, any unsolicited emails that hit inboxes in the coming days need to be cautiously viewed.”