Cyber Incident Victim: Sierra Wireless

On March 20, 2021, Sierra Wireless, a global IoT solutions provider headquartered in Canada, experienced a ransomware attack that disrupted its internal IT systems. The incident prompted an immediate halt to production across all manufacturing facilities worldwide, though customer-facing products and services remained unaffected due to established separation between internal and external systems. The company, which employs over 1,300 personnel and operates R&D centers across North America, Europe, and Asia, manufactures wireless communication devices including modems, routers, and gateways for industries such as automotive, healthcare, energy, and critical infrastructure. Attackers compromised Sierra Wireless' corporate network over the weekend, leading to operational disruptions that included the company’s public website displaying maintenance notifications. Internal operations were significantly impaired, though the breach did not extend to product ecosystems or customer data.

Sierra Wireless activated its incident response protocols upon detecting the attack, mobilizing internal IT and operations teams alongside third-party cybersecurity advisors to contain the threat. These collaborative efforts successfully neutralized the ransomware’s impact, with recovery operations focused on restoring internal systems. The company withdrew its previously issued Q1 2021 financial guidance on March 23, citing operational uncertainties stemming from the attack, but declined to identify the ransomware variant or confirm whether data exfiltration occurred prior to encryption. A spokesperson emphasized confidentiality regarding response strategies, disclosing only that impacted parties—including customers and advisors—had been notified. Manufacturing resumed shortly after containment, though the company did not specify a timeline for full operational restoration or disclose financial losses attributable to the downtime.