Facilities Management Firm ISS World Hit by Ransomware Attack

Two days after it had suspended most of its computer systems worldwide, Denmark-based facilities management firm ISS World conceded on Wednesday it had become the latest target of a malware attack that had impacted parts of its IT environment.

In a press release, the business support service provider said the incident happened on Monday, Feb 17, which involved attackers gaining access and encrypting some of its IT systems. In a bid to isolate the impact of the incident, the company explained it had decided to suspend access to all its shared IT services worldwide.


“The root cause has been identified and we are working with forensic experts, our hosting provider and a special external task force to gradually restore our IT systems. Certain systems have already been restored. There is no indication that any customer data has been compromised,” the statement explained.

ISS World Ransomware Attack

Founded in 1901, ISS World operates as a facility company offering building maintenance, cleaning services, catering and facilities management, as well as office supplies to enterprise clients across 60 countries worldwide. As of 2020, the company was reported to make revenues of about £8.4bn per annum.


To date, while the Denmark-based firm secures that its employees do not rely heavily on IT systems for managing their day-to-day operations, a report from ThisWeekinFM reveals that 43,000 employees, including 4,000 in the UK, currently had no access to their emails – a dilemma that is widely regarded to be a critical blow to any operating business.

In an interview with Computer Weekly, Rajiv Arvind, ISS senior communications manager, explained that about 70%-80% of the group’s staffers are “frontline workers.” This means that most of the company’s customer-facing services are operating normally despite the recent incident.

He also added that, in the meantime, ISS is currently directing its focus in identifying the cause of the attack and becoming “150% sure” that the risks involved in the incident had finally passed.


“The nature of our business is to deliver services on customer sites mainly through our people and as such we continue our service delivery to customers while implementing our business continuity plans. Our priority is to ensure limited or no disruption while we fully restore all systems,” the statement explained.

“We are currently estimating when IT systems will be fully restored and are assessing any potential financial impact. Security, in all its forms, is a top priority for ISS, and we remain committed to protecting the integrity of our systems.”

As a way to secure employees and customers about their commitment to resolve the security issue, the company promised to extend further updates once they have collected “significant, additional information” as soon as possible.

No posts to display