Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Lacroix Closes Production Sites Following Ransomware Attack

Technological equipment supplier Lacroix has closed three production sites after experiencing a ransomware attack.

Cloud SCADA

Technological equipment giant Lacroix Group says it has closed three production sites for the week after experiencing a ransomware attack.

Lacroix is an international designer and producer of embedded and industrial internet of things (IIoT) systems, including automotive and aerospace equipment, water and energy infrastructure equipment, and smart road infrastructure solutions.

According to the company, on the night of May 12, it detected a targeted cyberattack that hit its French (Beaupréau), German (Willich) and Tunisian (Zriba) sites that produce electronics systems.

The company shut down computer systems at these sites and launched an investigation to determine if the attack was fully contained and if any data was exfiltrated.

Before the attack was intercepted, however, file-encrypting ransomware was deployed and some of the local infrastructures were encrypted.

“The time needed to carry out these actions and to use the backups to restart should take a few days, which is why the three sites are closed for the week,” Lacroix says.

At the moment, the company aims to resume production at the three sites on May 22, and says that partial activity measures have been implemented, along with recovery plans for each site.

The cyberattack, Lacroix says, is not expected to have a significant impact on the group’s performance for this year, because the three sites accounted for 19% of sales last year and because the French and German sites would have been closed on Thursday and Friday, in celebration of Ascension Day, which is a public holiday in both countries.

Advertisement. Scroll to continue reading.

Related: New Babuk-Based Ransomware Targeting Organizations in US, Korea

Related: Capita Says Ransomware Attack Will Cost It Up to $25 Million

Related: Ransomware Group Claims Attack on Constellation Software

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Wendi Whitmore has taken the role of Chief Security Intelligence Officer at Palo Alto Networks.

Phil Venables, former CISO of Google Cloud, has joined Ballistic Ventures as a Venture Partner.

David Currie, former CISO of Nubank and Klarna, has been appointed CEO of Vaultree.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.