In the latest twist of a growing cyber-threat narrative, Simpson Manufacturing Company, a major player in the U.S. building materials market, experienced a jolt to its business operations this week. Revealed to the U.S. Securities and Exchange Commission (SEC), the company detected sinister activity, prompting an immediate shutdown of its systems.

Brian Magstadt, the company’s Chief Financial Officer, conveyed to regulators and stakeholders: “We’ve seen significant interruptions in our business operations, and we’ve called upon top-notch cybersecurity experts to guide us through our investigation and recovery.” He cautioned that this review is just beginning, painting a picture of a situation still unfolding.

While Simpson Manufacturing didn’t offer further comment on the specifics of the attack, this isn’t an isolated incident. The company, renowned for its vital construction and retrofitting tools like structural connectors, anchors, and so forth, boasts impressive stats with nearly $600 million in net sales last quarter and a workforce exceeding 3,000.

To put this into perspective, in just a few weeks, we’ve seen similar unsettling headlines. U.K.-based Volex, known for producing vital power products for data centers and electric vehicles, and the building automation behemoth, Johnson Controls, both reported cyber hitches. The latter’s breach rang alarm bells, especially within U.S. federal law enforcement.

An internal memo suggested that sensitive physical security details, including the Department of Homeland Security’s floor plans, might have been exposed.

Highlighting the alarming rate at which the manufacturing sector is being targeted, cybersecurity company Dragos pinpointed that a whopping 177 out of 253 ransomware incidents it recorded in the second quarter of 2023 involved manufacturing companies.

Not to forget, Clorox, the cleaning product titan, informed regulators just a fortnight ago that its August cyberattack still haunts its production process.

The frequency and potential fallout from these attacks underscore the urgent need for enhanced cybersecurity measures, as these breaches threaten not just the bottom line, but the very fabric of our security and daily lives.

We need to start paying attention to our critical OT environments as they are major players in our supply chains globally. Attacks like these have rippling, domino effects downstream of the event itself and each supply chain that must be shut down due to incomplete information, further exacerbates our economic challenges. These things are NOR happening by accident.