ThyssenKrupp, a German multinational industrial engineering and steel manufacturing company, is fighting a cyberattack.

One or more threat actors are targeting the firm’s Materials Services division and corporate headquarters. The nature of the attack was not disclosed.

“Thyssenkrupp is currently the target of a cyberattack — presumably by organized crime”, a spokesperson said. “At the present time, no damage has been done, nor are there any indications that data has been stolen or modified.”

The assault is believed to have been detected in its early stages by the company’s cybersecurity experts. Attempts to contain and terminate the attack are ongoing. The assault did not affect other parts of ThyssenKrupp.

Not the first

ThyssenKrupp has previously been the victim of cyberattacks. The firm was hacked in 2016 as part of a corporate espionage scheme that culminated in trade secrets being stolen. The attackers obtained project details from the company’s plant engineering division.

Four years earlier, ThyssenKrupp was targeted in an attack characterized as “heavy” and of “exceptional quality” at the time. Like the 2016 incident, espionage was believed to be the motive.

“Cyberattacks on ThyssenKrupp AG are another example of increasing risks to industrial organizations and the global supply chain”, Xage Security CEO Duncan Greatwood told SiliconANGLE.

Prioritizing prevention

“In fact, cyber risks are now spreading from energy and utility sectors and making their way into the manufacturing sector — such as steel manufacturing and heavy industries — in an effort to cause massive chaos”, Greatwood added.

The CEO believes that corporate mindsets need to change from detecting and responding to attacks to blocking them before damage is caused. “Prevention is possible, even once the threat has infiltrated the network or compromised some systems”, according to Greatwood.

The CEO added that “accelerating implementation of preventive cybersecurity capabilities should be a key priority for industrial organizations and critical infrastructure operators in 2023.”

Tip: Makro’s parent company expects cyberattack to cost millions in profit