Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Cyberattack Causes Serious Disruptions at German Automation Firm Pilz

Automation tools manufacturer Pilz has been hit by a cyberattack that took down almost its entire infrastructure.

Pilz is a major automation technology supplier based in Ostfildern, Germany. It offers machine and process automation and safety products, consultancy, engineering and training, and has branches all around the globe.

Automation tools manufacturer Pilz has been hit by a cyberattack that took down almost its entire infrastructure.

Pilz is a major automation technology supplier based in Ostfildern, Germany. It offers machine and process automation and safety products, consultancy, engineering and training, and has branches all around the globe.

The company was hit on October 13, with all of its server-based workplaces, including the international communication network, affected.

The cyberattack appears to have affected all of the company’s offices, which span over 70 countries all around the globe. Although production wasn’t impacted, the company was not able to take orders or process deliveries.

“For reasons of precaution, we have disconnected all computer systems from the internet. We will inform you about the current situation,” the company announced on Twitter last week.

Within days after the initial compromise, Pilz was able to start taking orders again, but announced that it was still unable to provide delivery dates automatically.

Initially, the company was only able to resume taking orders via telephone and a single email address, but it then managed to restore its email ordering system at subsidiaries worldwide.

The company was able to restore delivery capabilities this week, but only for some areas, meaning that its systems continue to be affected. In fact, it appears that even its website is only working partially.

“For certain areas we have been able to restore the delivery power. In addition, all planned training sessions at our Pilz Academy in Ostfildern will take place as planned,” the automation provider said in a tweet earlier today.

Pilz announced that it launched an investigation and that its team of specialists was working closely with external forensic experts and the Baden-Württemberg State Criminal Police Office.

On its website, the company only revealed that it was the victim of a targeted cyberattack, without providing additional information on the nature of the incident.

According to ZDNet, the manufacturer’s network was disrupted by a piece of ransomware. The malware involved appears to have been BitPaymer, which was previously associated with TA505, the threat actor behind the infamous Dridex and Locky malware families.

Related: Georgia County’s Experience Shows Perils of Ransomware

Related: Aluminum Giant Norsk Hydro Hit by Ransomware

Related: Pitney Bowes Says Disruptions Caused by Ryuk Ransomware

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.