Germany Archives - ICSSTRIVE

German Mechanical Engineering Firm Dürr successfully Wards off Cyberattack

February 20, 2023

Dürr’s security experts were able to fend off a hacker attack. The subsidiary was also attacked. The attempt to break into the IT system of the Bietigheim-Bissingen mechanical engineering company was repelled. The hackers neither encrypted any data nor took control of the system. The employees at Dürr were informed about the attack. Everyone had to change their password.

There was also a hacker attack at an American company in the Homag Group, which belongs to Dürr AG, says Christen. The attackers got a little further in the company than in Bietigheim-Bissingen. The spokesman emphasizes that data was not lost there either. To prevent this, the computer systems were shut down. IT security checks are currently ongoing. (see cross link to Stiles Machinery)

German Steel Producer Systems Hacked

April 20, 2023

Badische Stahlwerke was victim of a hacker attack. The attack was confirmed by the police in Offenburg, Germany. The company itself points out on its website that there was “unauthorized access to the network” on April 20th. According to the notice, the affected systems have been taken offline, which is why employees are temporarily unavailable via email and landline telephones. “We are currently working hard to resolve the incident comprehensively and quickly,” assures the steel producer.

German Autopart Supplier Billstein Hit by Ransomware Attack

April 28, 2023

The Bilstein Group was apparently recently hit by a ransomware attack. At the end of April, 60 GB of internal company data appeared on the dark web. This includes human resources, accounting and financial data. The auto parts specialist confirmed to CSO that there had been a recent cyber attack. “However, this was quickly discovered by our systems and IT specialists, so the impact was marginal,” explained a spokesman. The company did not want to release any further information about the case. It is not known whether there was a blackmail letter demanding a ransom.

SoftProject GmbH Reports Ransomware Attack

July 21, 2023

SoftProject GmbH was the target of a ransomware attack on its data center. According to available findings, part of SoftProject GmbH’s application landscape was encrypted. The forensic audits to date have revealed no evidence of a data leak. The detected malware “CryTox” is only used for encryption. The office domain of SoftProject GmbH’s administrative location was not part of the attack. According to current knowledge, there was no data leakage here either. SoftProject GmbH is working on putting the systems back into operation and carrying out further forensic analyses.

The incident was immediately and properly reported. SoftProject offers products and services for digitizing and automating business processes in all industries

Ransomware Attack Shuts Down Operations at German Manufacturer Wildeboer

July 14, 2023

Hackers paralyzed Wildeboer’s IT on July 14 and encrypted the company data. Production has been at a standstill since then, and a large proportion of the 350 employees have been on short-time work since. The company produces, among other things, fire and sound insulation components for office complexes and stadiums. The perpetrators left instructions, however instead of responding to the ransom demand, the company filed a police report.

The company issued a statement on their website: “After weeks of hard work, Wildeboer will resume production on Monday, August 14. In connection with the restart of production, we will provide you very promptly with the necessary documents from our order processing department. The restart was made possible by many very intensive and dedicated colleagues from all divisions. “

Ransomware Attack German Drinking Water Association Paralyzed IT Systems

July 28, 2023

Hackers have paralyzed the IT systems of the Stader Land Drinking Water Association (TWV) resulting in technical disruptions. The company website states (translated in EN): At the end of July we fell victim to a ransomware attack. The aim of this was to encrypt our systems. The encryption could be prevented and we have now largely completed the secure reconstruction of our IT. We are supported by external experts and work closely with the relevant data protection and police authorities. The drinking water supply was never affected by the IT security incident and is operating at the usual high level.

With an attack of this type, there is always a risk that the perpetrators will steal data such as address or account details and other sensitive information. Unfortunately, this is now also the case with us. The criminals stole customer data in the context of meter changes and, according to our experts, published it on the darknet. A large number of our customers are affected by this.

Wisag Group Hacked Again a Year Later

February 9, 2023

Almost exactly a year after the first attack, the service group Wisag fell victim to hackers again. On Tuesday morning, the IT department found “irregularities” on the servers, said a spokeswoman for the Frankfurt-based company. As a result, all systems and applications were immediately taken off the network.

“At the current time, it is not apparent that customer or internal data has leaked,” it continues. “We are optimistic that we can safely put all systems back into operation as soon as possible.”

Ransomware Attack Halts Operations at Ziegler Fire Engine Manufacturer

February 9, 2023

On February 9th, the company noticed a cyber attack and shut down all systems.

On March 13, company spokes person Matthias Mühlbacher said “It was almost possible to restore the current situation at that time. Normal everyday work is possible again in large parts of the plants. “All software and hardware components were checked, cleaned or replaced and reinstalled with the help of forensic experts from the IT industry.” Some effects, he emphasizes, would accompany the company for a while.

UPDATE, 23 April: Since the ransom was apparently not paid, ALPHV publishes documents that are said to belong to the company.

Cyberattack Affects All Locations of German VDM Steel

January 9, 2023

Unknown perpetrators carried out a cyberattack on VDM Metals. All locations are affected, including those in Werdohl (administration, wire and strip production), Altena (plate and rod production), Unna (melting plant, forge and rod finishing shop) and Siegen (plate rolling mill). Significant parts of the company’s IT infrastructure are affected. Production came to a standstill and parts of the workforce sent home.

Two weeks later production is gradually restarting. The problem seemed to lie in the logistics data flow. VDM communicates most parts of the business will be up and running again by next week.

Several hundred computers have been exchanged in the company. The plant uses server resources from the Spanish parent company Acerinox, as can be seen from the new e-mail addresses of the employees.

Steico Group Operations Disrupted after Cyberattack

March 1, 2023

The building materials manufacturer Steico has become the target of a cyber attack. The incident impacted both manufacturing operations and administration, the company’s website said. The full extent of the attack is currently unknown. It is also unclear whether it was an extortion attack with ransomware.

« Older Entries