Engineering (Includes Industrial Construction)


2020 Phishing Email Cost UK Interserve more than £11M

May 8, 2020

Hackers stole sensitive details on 100,000 people from an outsourcing company named Interserve. The Phishing campaign attackers are unknown and the company offered no additional information. The data stolen is sensitive, including employee names and their addresses, bank details, payroll information, HR records, pension information and much more.

Update August 2023: The Information Commissioner fined Interserve £4.4m in autumn 2022. Interserve was once a FTSE 250 firm but has largely been broken up after collapsing into administration four years ago. Its latest accounts reveal that it spent £7m on ‘professional adviser fees’ following the attack.

read more

Australian Infrastructure Services Provider Takes Down Systems

July 8, 2023

The Australian infrastructure services provider Ventia says a cyberattack on the weekend of July 8 and 9 is contained. The attack on the Sydney-headquartered essential infrastructure services provider caused it to take key systems offline. However, in a July 12 statement, Ventia says its key internal systems have been safely re-enabled and external-facing networks are systematically being restored. Ventia is giving little away about the nature of the cyberattack, but the company’s decision to shut down its systems is a characteristic response to a ransomware-style attack.

An APAC Analyst Technical Director at DarkTrace says some of Ventia’s systems were offline for at least three days and switching off services would significantly impact customers. “Ventia are an important pillar in the management of critical infrastructure. They operate sites across Australia and New Zealand on behalf of defence, electricity, gas, and water companies,”

read more

Italtel Cyberattack Claimed by Medusa

September 25, 2023

On Monday 25 September, the Italian company Italtel was the victim of a cyber attack. The cyber attack impacted Italtel’s IT infrastructure, limiting access and use of some company systems. The situation continues to evolve. The Italtel affair adds to the many IT incidents involving large Italian companies.
Italtel has already started communicating with its customers and suppliers about the cyber attack. Any subsequent interactions will be managed by the competent figures within the company.

The Medusa ransomware criminal gang claims the ransomware attack, Italtel has as of today not confirmed the attack. Italtel’s target markets are Telco & Media, Industry & Manufacturing, Energy & Transportation, Banking & Insurance, Healthcare and Public Administration.

read more

Vesuvius Industrial Manufacturer Discloses $4.6M Cost as Result of Cyber Incident

February 6, 2023

Vesuvius, a UK-based molten metal flow engineering company issued an alert on February 6, 2023, which stated it was “currently managing a cyber incident, [which] has involved unauthorized access to our systems.” The London Stock Exchange-listed ceramics manufacturer disclosed in May that the perplexing cyber incident will incur a hefty cost of $4.6 million.

The exact nature of the incident remains shrouded in secrecy, as the company has refrained from providing specific details.

Notably, Vesuvius is the second British industrial ceramics manufacturer to disclose a cyber incident in 2023. In January, Morgan Advanced Materials, a company specializing in semiconductor production, also submitted a cybersecurity incident notice to the London Stock Exchange.

read more

Black Basta Hacks Systems of Engineering Firm that Designs Hundreds of US Power Stations.

October 15, 2022

Sargent & Lundy, a Chicago-based construction and engineering firm fell victim to a Black Basta ransomware attack. The hack exposed information of over 6,900 individuals belonging to multiple electric utility companies. The organization works as a US government contractor handling critical infrastructure projects across the country.

The firm also handles nuclear security issues, working alongside the departments of Defense, Energy, and other agencies. Federal officials closely monitored the potential broader impact on the US power sector, though it is being reported that no other power-sector firms were involved.

read more

Thyssenkrupp System Engineering Group Target of Ransomware Attack

August 11, 2020

In August 2020, Mount Locker ransomware gang targeted Engineering and Technology giant ThyssenKrupp in what appears to be a data breach. Threat actors gained access to critical HR information and documentation regarding the company’s present and past employees through the ThyssenKrupp Materials group of firms in the United States and Canada.

Mount Locker ransomware operators advertise what seems to be 30 MB of data related to ThyssenKrupp System Engineering group.

read more

Thyssenkrupp Target of Cyberattack

December 20, 2022

German ThyssenKrupp AG said today that it’s fending off a cyberattack against its Materials Services division and corporate headquarters. The form of attack was not disclosed. The attack is said to have been noticed at an early stage by the company’s cybersecurity staff and efforts are underway to limit the attack and bring it to an end. No other sections of ThyssenKrupp have been affected by the attack.

No cybercriminal group has yet accepted responsibility for the attack.

read more

Weir Group Ransomware Incident

September 21, 2021

Weir Group is currently managing the consequences of a sophisticated attempted ransomware attack that occurred in the second half of September. Weir’s cybersecurity systems and controls responded quickly to the threat and took robust action. This included isolating and shutting down IT systems including core Enterprise Resource Planning (ERP) and engineering applications. These applications are now restored on a partial basis, and other applications are being brought back online in a progressive manner in order of business priority. The above actions have led to a number of ongoing but temporary disruptions including engineering, manufacturing and shipment rephasing, which has resulted in revenue deferrals and overhead under-recoveries. Effective capabilities are being progressively restored in the coming weeks but the consequences of the operational disruption and associated inefficiencies are expected to continue into the fourth quarter.

read more

Advantech Hit By Ransomware

November 19, 2020

Ransomware attack hit Taiwan-based Advantech Co. in November, 2020 and the hackers sought 750 bitcoin or $13.8 million in exchange for the decryption key.

read more