Hackers Pilfer Trade Secrets In ThyssenKrupp Cyber Attack

The very real risks to businesses posed by cyber attacks has been starkly illustrated with the news that German conglomerate ThyssenKrupp had its trade secrets stolen by hackers.

The firm admitted in a statement that technical trade secrets were stolen from the steel production and manufacturing plant design divisions.

And it said the cyber attack was ‘professional’ and the hackers are likely from the Southeast Asian region.

Industrial Espionage

ThyssenKrupp said it was cooperating closely with the German organisation for cyber security DCSO, after it discovered the breach, and has also notified state authorities and the police.

“According to our analyses, the aim was essentially to steal technological know-how and research from some areas of Business Area Industrial Solutions (espionage),” said the firm in a statement. “Systems of Business Area Steel Europe were also affected. Specially secured IT systems for especially critical have not been concerned (e.g IT of Business Unit Marine Systems or production IT of blast furnaces and power plants in Duisburg).”

In 2014 for example, a blast furnace at a steelworks in Germany was badly damaged by a cyber attack. That attack resulted in “massive damage to machinery” at the unnamed German steel mill.

“There have been no signs of sabotage and no signs of manipulation of data and applications or other sabotage,” said ThyssenKrupp. “The attack was discovered, continuously observed and analysed by thyssenkrupp´s CERT.”

It said the attacked IT systems are now under 24/7 monitoring to detect any new attempted attacks.

“At present there is no reliable estimation as to the damage (e.g. loss of intellectual property) caused by the attack,” said ThyssenKrupp. “It has been noted that fragments of data have been stolen in the areas involved in the attack. Content of this loss of data is not clear yet, with the exception of certain project data in an operative engineering company.”

And the firm was keen to stress that the attack was not a result of security deficiencies at Thyssenkrupp, and human error has also be ruled out.

“Experts say that in the complex IT landscapes of large companies, it is currently virtually impossible to provide viable protection against organized, highly professional hacking attacks,” it said. “Early detection and timely countermeasures are crucial in such situations. Thyssenkrupp has been successful in both respects.”

Critical Infrastructure

While Thyssenkrupp has denied that any critical systems had been compromised, this attack highlights the need to protect industrial systems to safeguard critical national infrastructure.

Researchers have previously warned that security weaknesses in industrial control systems could allow hackers to create cataclysmic failures in infrastructure.

The United States has for example already passed legislation that would protect its electricity grid from cyber attacks.

The GRID Act directs the FERC (Federal Energy Regulatory Commission) to take measures to protect the electricity grid from telecommunications intrusions.

Quiz: Are you a security pro?

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

6 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

7 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

8 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

10 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

13 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

13 hours ago