US construction giant Simpson Manufacturing has been forced to push all its IT systems offline to contain a cyber attack that continues to disrupt operations. 

The California-based structural material producer, which is one of North America’s largest makers of structural connectors and anchors, confirmed the incident after days of system outages and ongoing disruption to business operations. 

"On October 10, 2023, Simpson Manufacturing Co., Inc. experienced disruptions in its Information Technology (IT) infrastructure and applications resulting from a cybersecurity incident," the firm states in an SEC filing.

"After becoming aware of the malicious activity, the Company began taking steps to stop and remediate the activity, including taking certain systems offline. The Company is working diligently to respond to and address this issue. 

As usual with these sorts of incidents, the company says it has engaged leading third-party experts to aid its investigation and recovery, but both are in their initial stages.

Ransomware Risk

Simpson Manufacturing has yet to bring its systems back offline and has stated that its incident response may take some time. 

The fact that remediation is taking so long suggests a possible ransomware attack – which is difficult to remediate as it involves data encryption, rendering key systems and apps unusable.

Simpson Manufacturing would be an attractive target for such an attack, holding thousands of patents and trademarks and operating seven research labs around the world. 

It also has over 5,000 employees and a market capitalisation of $6 Billion. Its share price has declined by 3.7% over the past five days and 9.4% over the past month. However, the company’s stock still trades 61% higher since the start of the year.

The type of cybersecurity incident impacting Simpson Manufacturing has not yet been specified, and no ransomware groups have taken responsibility for the attack as of yet.