Industrial giant Honeywell says it has ‘returned to service’ after cyber intrusion

Honeywell, a Fortune 100 firm that makes aerospace and energy equipment, said Tuesday that malware had disrupted “a limited number” of its computer systems.

Honeywell said it had “returned to service” following the incident, but the Charlotte, North Carolina-based firm’s statement did not elaborate on how service was disrupted.

A Honeywell spokesperson did not immediately respond to questions on the incident, including whether ransomware was involved and who was responsible.

Honeywell, which reported some $33 billion in sales last year, said it did not expect the malware disruption to have a “material impact” on the firm. Honeywell called in Microsoft to help remediate the intrusion, and the computer systems have “since been secured,” the statement said.

“Our investigation is ongoing, but at this point, we have not yet identified any evidence that the attacker exfiltrated data from our primary systems that store customer information,” Honeywell added. “If we discover that any customer information was exfiltrated, we will contact those customers directly.”

Ransomware attacks have been reported with increasing frequency in the manufacturing sector in the last year. Reported ransomware incidents struck carmaker Honda last June and steel manufacturer Evraz a year ago. 

In the U.S., the Department of Homeland Security has undertaken a new initiative, backed by $25 million in additional funding, to combat a steady stream of ransomware attacks.

The Honeywell intrusion comes as a Washington, D.C.-area event-management firm and a Canadian wireless technology provider grapple with ransomware incidents this week.