One of the world's largest steel makers has been hit by a cyberattack — and its automotive division had to shut down to contain it
ThyssenKrupp confirms attack, saying supply unaffected
Steel manufacturing giant ThyssenKrupp has confirmed that it suffered a cyberattack attack last week which forced parts of its IT infrastructure offline.
Given the company’s position as one of the global leaders in steel production, the attack is bound to send ripples throughout the business world.
The news first broke on a German website Saarbruecker Zeitung, which said that the company’s plant in Saarland suffered the attack.
Was it ransomware?
Saarland is a German state towards the west, bordering France and Luxembourg. The publication also said the plant employs more than a thousand specialists.
Following the news, the company issued a statement to BleepingComputer, confirming that parts of its Automotive infrastructure had to be shut down to contain the incident:
"Our ThyssenKrupp Automotive Body Solutions business unit recorded unauthorized access to its IT infrastructure last week," the statement reads. "The IT security team at Automotive Body Solutions recognized the incident at an early stage and has since worked with the ThyssenKrupp Group's IT security team to contain the threat."
"To this end, various security measures were taken and certain applications and systems were temporarily taken offline."
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
This department works on steel production and processing, as well as research and development. It frequently collaborates with different industry partners, research institutions, and universities, it was said.
At this moment, there is no indication of who the threat actors are, or how they managed to infiltrate ThyssenKrupp’s network. There also hasn't been any confirmation of if this was a ransomware attack, but given the company’s response, it’s safe to assume it is. In that case, the group is most likely demanding money in exchange for the decryption key and, possibly, stolen data. So far, there is no confirmation of any data being stolen in the breach.
ThyssenKrupp said no other departments were affected by the attack, and confirmed it was working on returning operations to normal. So far, supply to customers has not been disrupted.
ThyssenKrupp AG is a global leader in steel production, counting more than 100,000 employees and having an annual revenue of more than $44.4 billion.
More from TechRadar Pro
- Best ransomware protection of 2024
- Here's a list of the best firewalls around today
- These are the best endpoint security tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.