German multinational industrial engineering and steel production company ThyssenKrupp AG said today that it’s fending off a cyberattack against its Materials Services division and corporate headquarters.
The form of attack was not disclosed. A spokesperson told Agence France Presse only that “Thyssenkrupp is currently the target of a cyberattack — presumably by organized crime” and that “at the present time, no damage has been done, nor are there any indications that data has been stolen or modified.”
The attack is said to have been noticed at an early stage by the company’s cybersecurity staff and efforts are underway to limit the attack and bring it to an end. No other sections of ThyssenKrupp have been affected by the attack.
No cybercriminal group has yet accepted responsibility for the attack. Given the reference to limiting the attack, an obvious candidate would be ransomware, but until further details are provided, that’s pure speculation.
ThyssenKrupp has been the target of cyberattacks in the past. In 2016, the company was hacked in a corporate espionage case that resulted in the theft of trade secrets. The hackers stole project data from its plant engineering division.
In 2012, it was targeted in an attack that was described at the time as “heavy” and of an “exceptional quality.” Like the 2016 attack, espionage was the suspected motivation for the attack.
“Cyberattacks on ThyssenKrupp AG are another example of increasing risks to industrial organizations and the global supply chain,” Duncan Greatwood, chief executive officer of security company Xage Security Inc., told SiliconANGLE. “In fact, cyber risks are now spreading from energy and utility sectors and making their way into the manufacturing sector — such as steel manufacturing and heavy industries — in an effort to cause massive chaos.”
Greatwood believes that corporate mindsets need to shift from not just detecting and responding to cyberattacks on critical infrastructure, but blocking them from inception.
“Prevention is possible, even once the threat has infiltrated the network or compromised some systems,” Greatwood added. “Accelerating implementation of preventive cybersecurity capabilities should be a key priority for industrial organizations and critical infrastructure operators in 2023.”