Arms and car parts manufacturer affected by massive malware attack in the US, Brazil and Mexico

Any type of company can become a victim of a cyberattack. Web application security specialists report that Rheinmetall, a German-based manufacturer of weapons and car parts, has suffered a malware attack that has disrupted its production in countries such as Brazil, Mexico and the US. “Our production processes are experiencing severe disruptions,” says a statement from the company.

Due to these failures, the company’s shares fell at the start of this day on the stock exchange. Rheinmetall shares, which had increased by nearly 50% since the beginning of 2019, fell by 2.9% this Friday morning.

Peter Ruecker, the company’s representative, says the company’s web application security teams have already shut down all compromised IT infrastructure; “It’s also getting its full rebuild ready,” the spokesman says.

Major European companies in critical industrial areas, such as the production of machinery and armament, are becoming the main targets of threat actors’ groups.

A couple of days ago, the AFP news agency reported a series of cyberattacks against the French company Airbus. Apparently, these attacks were carried out through the IT systems of some of its security service providers; some reports from web application security experts point to the alleged involvement of hacker groups backed by the Chinese government.

Another important antemetential occurred in Germany, when BASF, Henkel and Siemens revealed a series of attacks against their computer systems. Several months earlier a group of German journalists had already revealed this incident, as well as attributed responsibility to Chinese government-related hackers.

Rheinmetall estimates that the disruption in its systems will last between three weeks and a month; so far, it has been estimated that the incident will have a financial impact of between 3 and 4 million euros for each week that the company’s systems are out of operation. “However, we would like to point out that deliveries will be made according to the dates set before the incident,” Ruecker added.

The spokesman also mentioned that the web domain affected during the incident was disconnected from Rheinmetall’s corporate network. Finally, the company representative noted that only operations in the automotive industry were affected, so Rheinmetall’s armament operations are completely secure, although the company’s experts maintain strict monitoring to prevent future incidents.

International Institute of Cyber Security (IICS) web application security experts mention that state-sponsored hacking attacks are becoming one of the main threats to private companies and critical government infrastructure, as they have great disruption capacity and it is virtually impossible to foresee such threats. To date, significant such incidents have been reported, perhaps the most prominent being those that occurred in Ukraine, when hackers allegedly hired by the Kremlin managed to generate a massive disruption in the electricity service of a important portion of the country.