Cyberattack | A prolonged interruption at BRP

Stalled factories, inaccessible computer tools and telecommuting for office workers: the cyberattack that has hit BRP since Monday is aggravating the headaches of the Ski-Doo and Sea-Doo manufacturer, which was already struggling to meet demand for recreational vehicles .

Julien Arsenault
The Press

No one is immune to computer paralysis, but in Quebec, we have rarely seen a company the size of BRP – one of Quebec’s large multinationals with more than 20,000 employees and 11 factories in six countries – so affected.

At the Valcourt plant, where the company’s head office is also located, employees will have to wait until Monday before returning to work. After three full days of paralysis, many questions still remained unanswered. An internal memo sent to employees and obtained by The Press however, illustrates the complexity of the situation.

“For office workers, please refrain from using PCs, laptops and other IT tools that are currently inaccessible until further notice. We ask that you work from home if you can and continue to check your email regularly. »

The letter also advises employees, if contacted by the media, to direct questions “immediately” to the public relations department.

The recreational vehicle manufacturer remained stingy with details on Thursday. Teams working “day and night” have made “progress in restoring certain” servers, it was said in an email. BRP, which was the target of a cyberattack on Monday, has still not specified whether it had identified the perpetrators and whether they had demanded a ransom. The company also did not say if its employees would be paid despite this forced leave.

New pitfall

This cyberattack adds to the challenges facing the multinational, which has been rolling at high speed since the start of the pandemic. In the first quarter, BRP saw its profits halve due to supply problems that prevented it from increasing deliveries to its dealers – where inventories are at historic lows.

Despite everything, investors seemed to remain confident. On the Toronto Stock Exchange, Thursday, the decline recorded by the title of BRP was limited. The stock fell 1.35%, or $1.36, to close at $99.26.

According to Stéphane Auger, vice-president at Microfix, which specializes in information technology, BRP may have been targeted by the intrusion of hackers or ransomware. However, it is impossible to be sure if the multinational does not confirm it, adds the expert. However, disturbances that extend over several days testify to a “very serious” level of severity, says Mr. Auger.

“What it signals is that we have detected something that could spread through the network or that has affected the whole,” he explains. When it’s long like that, it’s either that they clean all the servers, or that they no longer have access to them at all. »

If the attack paralyzes the manufacturer of recreational vehicles, the picture looks different on the side of the dealers. At Groupe Contant, present in Laval, Mirabel, Sainte-Agathe, Beloeil and Vaudreuil, the director of marketing, Virginie Jolicoeur, spoke of a disruption of “a few hours”, Monday, of the “internal system” allowing to exchange with BRP.

The incident, however, overshadows a week that promised to be positive. As part of its annual dealer conference in Utah, the Quebec company presented new products, including the Sea-Doo Rise, a kind of electric kite surfboard, which received a favorable reception from analysts. financial.

Hours before the confirmation of a cyberattack on Tuesday, BRP announced the acquisition of a longtime supplier: the Shawinigan plant that belonged to Kongsberg, an auto parts manufacturer.

Other recent examples of cyberattacks

Union of agricultural producers

The agricultural union is also having a difficult week. A ransomware attack has affected all of its computer systems since Sunday. Its 160 employees can no longer connect to the network. Its director general, Charles-Félix Ross, told The Canadian Press that it was the most serious cyberattack the organization has ever suffered.

Alouette Smelter

Russian cybercriminals had claimed responsibility for an offensive that targeted the Aluminerie Alouette, on the North Shore, last February. Production was not halted at the complex, but the hackers claimed to have got their hands on confidential data.

Bridgestone

Production was interrupted for a few days at the end of February at the multinational’s factory in Joliette following a computer failure caused by a cyberattack. The employees had found themselves on forced leave for a few days.