Now on Demand Ransomware Resilience & Recovery Summit - All Sessions Available

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Railway Vehicle Maker Stadler Hit by Malware Attack

Railway rolling stock manufacturer Stadler Rail is currently investigating a malware attack that forced some of its systems offline.

Railway rolling stock manufacturer Stadler Rail is currently investigating a malware attack that forced some of its systems offline.

Headquartered in Bussnang, Switzerland, the company produces a variety of trains (high-speed, intercity, regional and commuter heavy rail, underground, and tram trains), and trams, and has roughly 11,000 employees at over 40 locations.

Last week, the Swiss manufacturer announced that what appears to be a professional threat actor was able to compromise its network with malware and to exfiltrate an unknown amount of data.

“Stadler internal surveillance services found out that the company’s IT network has been attacked by malware which has most likely led to a data leak. The scale of this leak has to be further analyzed,” the company said in a press release.

The company did not provide details on the type of malware used in the attack, but revealed that the miscreants were attempting to extort money from Stadler by threatening to make stolen data public, in an attempt to “harm Stadler and thereby also its employees”.

The company said it immediately took the necessary steps to contain the incident and that it also engaged with an external team to launch an investigation into the matter. Authorities were also alerted.

Stadler also revealed that the affected systems were being rebooted, and underlined that its backup systems are functioning.

The company’s mentioning of systems having to be restored and of backup data suggests that ransomware might have been used in the attack.

Advertisement. Scroll to continue reading.

Ransomware operators such as those behind Maze have been stealing victim data and have attempted to extort more money by threatening to make it public in the event a ransom is not paid, and the attack described by Stadler fits the pattern.

Contacted by SecurityWeek, the Swiss manufacturer refrained from providing additional details on the incident, given the ongoing investigation.

Related: Maze Ransomware Caused Disruptions at Cognizant

Related: Australian Shipping Giant Toll Hit by Ransomware for Second Time

Related: Shade Ransomware Authors Release Decryption Keys

Related: Human-Operated Ransomware Is a Growing Threat to Businesses: Microsoft

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

More from

Latest News

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

CIEM Chat: How to Reduce Cloud Identity Risk
March 26, 2024

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

Virtual Event: Ransomware Resilience & Recovery Summit
April 17, 2024

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Bill Dunnion has joined telecommunications giant Mitel as Chief Information Security Officer.

MSSP Dataprise has appointed Nima Khamooshi as Vice President of Cybersecurity.

Backup and recovery firm Keepit has hired Kim Larsen as CISO.

More People On The Move

Expert Insights

Related Content

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

October 1, 2019
Ransomware Alerts Ransomware Alerts

Cybercrime

Cyber Insights 2023 | Ransomware

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

February 2, 2023
Web3 and Metaverse Security Web3 and Metaverse Security

Cybercrime

Cyber Insights 2023 | The Coming of Web3

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

February 6, 2023
Neiman Marcus Says Hackers Breached Customer Accounts

Cybercrime

Neiman Marcus Says Hackers Breached Customer Accounts

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

February 2, 2016
Zendesk Hacked After Employees Fall for Phishing Attack

Cybercrime

Zendesk Hacked After Employees Fall for Phishing Attack

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

January 24, 2023
Russia hackers hit Microsoft Russia hackers hit Microsoft

Cybercrime

Microsoft Warns of Office Zero-Day Attacks, No Patch Available

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

July 11, 2023
ChatGPT attack ChatGPT attack

Artificial Intelligence

Malicious Prompt Engineering With ChatGPT

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

January 25, 2023
Dish Network Dish Network

Cybercrime

Dish Network Says Outage Caused by Ransomware Attack

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

March 1, 2023