Ransomware disrupts worldwide production for Belgian aircraft parts maker

ASCO Industries, a manufacturer of aerospace components with headquarters in Zaventem, Belgium, has been hit with ransomware, which ended up disrupting its production around the world. The attack reportedly started on Friday and the extent of the internal damage is still unknown.

ASCO ransomware attack

About ASCO Industries

ASCO Industries is a privately held company that was acquired by Kansas-based Spirit AeroSystems in 2018. At the time it had 1,400 employees world-wide.

It designs and manufactures wing components, complex mechanical assemblies and major structures for both civil and military aircrafts. Its clients include the European corporation Airbus, US company Boeing, Canada-headquartered Bombardier Aerospace and Brazilian aerospace conglomerate Embraer. ASCO has also been manufacturing parts for Lockheed Martin F-35 aircrafts.

It has offices and production centers in Belgium, Germany, Canada, the US, and offices in Brasil and France.

About the attack

ASCO has been pretty tight-lipped about the attack.

According to VRT (Flemish Radio and Television Broadcasting Organisation), the police has been notified, external experts called in to investigate and the public prosecutor has confirmed that ransomware was used in the attack.

The company has temporarily stopped production in all of its production centers, but it has not confirmed whether the ransomware has spread to those systems.

The company’s HR director Vicky Welvaert also declined to say whether the situation is under control and speculate on when business activities will be restarted. She also did not mention ASCO’s plan of action to resolve the situation, whether they intend to pay the ransom or rebuild its systems from scratch and restore backups.

Despite ASCO being a logical target for industrial and possibly state-sponsored espionage, the company told The Brussels Times that there is currently no evidence of theft of information, so it might just end up being an opportunistic ransomware attack similar to the one that hit Norsk Hydro, Aebi Schmidt, and many other companies and organizations in Europe and around the world.