On December 20, German multinational industrial engineering and steel production giant Thyssenkrupp was victim of a new cyber attack.
The multinational said that only "certain parts" of the “Material Services” division, specialised in the distribution of raw materials, were affected. The attack was detected at an early stage and so far the other branches haven’t been affected and no damage, theft or modification of data has been found.
IT teams are investigating and trying to stop the attack. But so far, the type of attack hasn’t been highlighted and no cybercriminal group has claimed responsibility for the attack. Given the reference to limiting the attack, a good candidate would be ransomware, but until further details are provided, this is only speculation.
Cyberattacks on ThyssenKrupp AG are another example of the increasing risks to industrial organizations and the global supply chain. Indeed, this isn’t the first time that a multinational in the automotive industry has been targeted by an attack. A few months ago, the automotive supplier Continental was attacked and 40 terabytes of data were stolen. The attack was followed by a ransom demand, but the multinational refused to pay.
Cyberattacks are no longer confined to the energy and utility sectors. They’re spreading in the manufacturing industries in an effort to destabilize the globalised supply chain.