News / IT Security

  • December 21, 2022

Industrial Giant Thyssenkrupp Again Targeted by Cybercriminals

German industrial engineering and steel production giant Thyssenkrupp has again confirmed being targeted by cybercriminals. The company told SecurityWeek that ‘organized crime’ is believed to be behind the attack.

“Parts of the Materials Services and Corporate segment of Thyssenkrupp are currently affected. The possibility of the other segments and business units being affected can be ruled out at this time,” a spokesperson of Thyssenkrupp Materials Services said in an emailed statement.

According to the same statement, the company’s IT security team detected the incident at an early stage and the attackers did not manage to cause any damage. In addition, there is no evidence that data has been stolen or modified.

“An interdisciplinary crisis team has been set up and is working together with the group’s IT security to limit the attack and ideally end it as quickly as possible,” Thyssenkrupp said, adding that authorities have been notified.

The company would not say whether the attack was conducted by a known ransomware group.

SecurityWeek has checked the websites of several major ransomware groups, but found no mention of Thyssenkrupp at the time of writing.

This is not the first time Thyssenkrupp has been targeted in a cyberattack. In 2016, the company said it was targeted by hackers believed to be located in Southeast Asia, with the goal of stealing industrial secrets.

The company was also targeted by several ransomware groups in the past few years, including the notorious Netwalker.

Thyssenkrupp would not be the only major German company hit by ransomware this year. The list also includes wind turbine giants Deutsche Windtechnik and Nordex Group, copper producer Aurubis, and car parts giant Continental.

In the case of Continental, the LockBit ransomware group claimed to have stolen 40 Gb of files and offered to sell the information for $50 million.