Editor's Note: This story has been updated with a statement from Cognizant. 

In 2024, IBM identified the manufacturing sector as the industry most attacked by cyber criminals for the third straight year – which is why we see even the biggest brands being impacted by the work of hackers.

Bleach maker Clorox is coming clean about the details surrounding a recent ransomware attack but the fingerpointing extends past the gang of perpetrators and all the way to the company’s IT provider.

Most Popular News: 

And Clorox believes that the IT firm's faults in this situation were so egregious that it has filed a lawsuit.

The suit points to a 2023 incident in which hackers from the group Scattered Spider targeted several firms.

According to Reuters, Scattered Spider is particularly adept at “tricking IT help desks into handing over credentials and then using that access to lock them up for ransom” – which is exactly what Clorox says happened in its case.

In fact, Clorox’s lawsuit claims suggest it was almost… easy.

The company alleges that one of the group’s hackers was able to repeatedly steal employees' passwords simply by calling the IT desk with its service provider - Cognizant - and simply asking for credentials. And while the hackers were posing as Clorox employees, Clorox alleges the service desk didn’t ask for verification details of any kind.

Reuters reviewed the lawsuit documents, which included call transcripts and other details showing just how basic the scheme was. According to the suit, "Cognizant was not duped by any elaborate ploy or sophisticated hacking techniques … Cognizant handed the credentials right over."

Clorox said that the hack resulted in $380 million in damages, a large chunk of which came from the company’s inability to ship its goods in the immediate aftermath of the attack.

Cognizant issued the following statement to Industrial Equipment News (IEN) regarding the incident:

"It is shocking that a corporation the size of Clorox had such an inept internal cybersecurity system to mitigate this attack. Clorox has tried to blame us for these failures, but the reality is that Clorox hired Cognizant for a narrow scope of help desk services which Cognizant reasonably performed. Cognizant did not manage cybersecurity for Clorox."

Click here to subscribe to our daily newsletter featuring breaking engineering industry news.

WEBVTT

X-TIMESTAMP-MAP=LOCAL:00:00:00.000,MPEGTS:0

00:00.009 --> 00:05.519

In 2024, IBM identified the manufacturing

sector as the industry most attacked by

00:05.519 --> 00:10.319

cybercriminals for the third straight year,

which is why we see even the biggest brands

00:10.319 --> 00:15.000

being impacted by the work of hackers.

Bleach maker Clorox is coming clean about the

00:15.000 --> 00:19.959

details surrounding a recent ransomware attack,

but the finger pointing extends past the gang

00:19.959 --> 00:23.510

of perpetrators and all the way to the

company's IT provider,

00:23.719 --> 00:28.287

and Clorox believes that the IT firm's

faults in this situation were so egregious that

00:28.287 --> 00:30.037

it has filed a lawsuit.

00:30.326 --> 00:35.117

The suit points to a 2023 incident in which

hackers from the group Scattered Spider

00:35.367 --> 00:37.806

targeted several firms.

According to Reuters,

00:37.926 --> 00:42.687

Scattered Spider is particularly adept at

tricking IT help desks into handing over

00:42.687 --> 00:45.876

credentials and then using that access to lock

them up for ransom,

00:46.126 --> 00:49.326

which is exactly what Clorox says happened in

its case.

00:49.606 --> 00:54.083

In fact, Clorox's lawsuit

claims suggest it was almost easy.

00:54.293 --> 00:59.094

The company alleges that one of the group's

hackers was able to repeatedly steal employees'

00:59.094 --> 01:02.923

passwords simply by calling the IT desk with

its service provider,

01:03.094 --> 01:08.094

Cognizant, and simply asking for credentials.

And while the hackers were posing as Clorox

01:08.094 --> 01:13.753

employees, Clorox alleges the service desk

didn't ask for verification details of any kind.

01:14.013 --> 01:18.541

Reuters reviewed the lawsuit documents, which

included transcripts and other details showing

01:18.541 --> 01:20.011

just how basic the scheme was.

01:20.221 --> 01:25.710

According to the suit, Cognizant was not duped

by any elaborate ploy or sophisticated hacking

01:25.710 --> 01:29.051

techniques.

Cognizant handed the credentials right over.

01:29.221 --> 01:33.621

Clorox said that the hack resulted in $380

million in damages,

01:33.740 --> 01:38.380

a large chunk of which came from the company's

inability to ship its goods in the immediate

01:38.380 --> 01:40.070

aftermath of the attack.

01:40.380 --> 01:42.100

I'm Anna Wells.

This is Manufacturing Now.