UPDATED 19:38 EDT / AUGUST 12 2024

SECURITY

Services at Swiss manufacturer Schlatter disrupted in likely ransomware attack

Information technology services at Swiss industrial manufacturer Schlatter Industries AG have been disrupted after the company was hit by a cyberattack on Friday.

In a statement released today, the company described the attack as a “cyber-attack using malware,” with internal specialists, together with external experts, taking measures to limit the damage as fast as possible. Authorities have also been contacted and Schlatter is investigating whether data was stolen.

Though it did not disclose the form of malware, the company added that “the unknown perpetrators are attempting to blackmail Schlatter.” Any attempted “blackmail” would require leverage and that could be encrypted data or stolen data.

If it sounds like ransomware, it usually is. The blackmail, in this case, is likely a demand for a ransom payment in return for encryption keys to decrypt data and a promise not to release stolen data.

Founded in 1916, Schlatter specializes in manufacturing welding and weaving machines for various industries and is considered a global leader in resistance welding systems and weaving machines for special applications.

The company seemingly doesn’t provide services or materials in any contentious industries, such as defense, making the attack unlikely to be politically motivated, unlike numerous companies that have been targeted by Russian hackers since the invasion of Ukraine in 2022. Given the “blackmail” demand, the attack, at least on the surface, would appear to be financially motivated, with the attackers hoping that their victim will cough up money to head off any further issues.

Given the lack of disclosure of how it occurred, Roger Grimes, data-driven defense evangelist at security awareness training company KnowBe4 Inc. told SiliconANGLE that, “as always in every compromise, one of the key things the victim should do is learn how the compromise happened.”

“Was it due to social engineering… very likely …unpatched software or firmware, compromised login credentials, misconfiguration or so on,” Grimes added. “Because if the victim organization can’t figure out how they were compromised, the less likely they are to make sure they can’t be compromised the same way in the future.”

Photo: Schlatter Industries

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU