Johnson Controls International (JCI) spent $27 million remediating a September 2023 ransomware assault on its methods — an assault that authorities officers warned on the time may threaten bodily safety.
According to a submitting with the US Securities & Exchange Commission (SEC) this week, the constructing automation, HVAC, and hearth safety big uncovered the assault the weekend of Sept. 23, after receiving studies of system outages. It was a ransomware hit that locked up inner IT infrastructure and allowed assailants to exfiltrate firm knowledge.
The submitting didn’t point out which gang JCI decided to be behind the cyberattack, however on the time researchers attributed it to Dark Angels utilizing a customized VMware ESXi encryptor.
“The firm applied its incident administration and response plan and enterprise continuity plans, together with implementing remediation measures to mitigate the influence of the incident and restore affected methods and features,” JCI famous within the SEC submittingincluding that the $27 million price ticket for the trouble takes into consideration cyber insurance coverage payouts, and contains the price of retaining exterior cybersecurity specialists.
The submitting famous that the investigation and remediation efforts stay ongoing, “together with the evaluation of knowledge accessed, exfiltrated or in any other case impacted through the cybersecurity incident,” and expects to spend extra on the restoration because of this.
Contrary to fears floated by the Department of Homeland Security after the assault, JCI additionally mentioned that there’s “no proof of any influence to its digital merchandise, providers, and options together with OpenBlue and Metasys,” referring to its smart-building and AI-enabled strains of enterprise, which are sometimes deployed in industrial settings and produce operational know-how (OT) along with IT methods.