Thyssenkrupp Hacked, Again!

A cyberattack has hit the German industrial giant Thyssenkrupp. The company shared the attack reports on Tuesday and said that two of its divisions were directly targeted, and the hackers are believed to be involved in organized crime. 

The hackers targeted the group’s materials services division and corporate headquarters. The appropriate authorities have been informed about the attack, and Thyssenkrupp believes that despite the cyberattack, all the data has been saved, and none seems to have disappeared.

In the initial period of the attack, the company’s cybersecurity experts detected some unauthorized activities and confirmed unidentified access.

As soon as the threat was detected, the company’s researchers started mitigation to confine the origin and the damage. The company claimed no indication of any stolen or modified data at the time of writing.

However, the fact that hackers broke into the company’s system is still alarming. The attack did not affect one of the two divisions, and the company operates its daily routine, a spokesperson told AFP.

A Chequered History

According to reports, the current threat actor behind this attack is still unknown. However, looking at the timeline of attacks between 2016 and 2022, links can be easily drawn to multiple threat groups, which have attacked the German industrial giant over these years.  

In January 2021, a prolific threat group that goes by the name NetWalker ransomware attacked the company. In the previous year, two more threat actors repeatedly attacked Thyssenkrupp and managed to breach the systems of its subsidiary companies. Here is a quick look at the timeline of cyberattacks on the company. 

Thyssenkrupp cyberattacks timeline 

February 2016

Hackers took project data from ThyssenKrupp‘s plant engineering division and other areas yet to be established in breaches detected by the company’s internal security team in April. They tracked back to February, according to the company. 

December 2020

On December 28, 2020, threat actors gained access to critical HR information and documentation regarding the company’s present and past employees through the ThyssenKrupp Materials group of firms in the United States and Canada. 

January 2021

In January 2021, a ThyssenKrupp subsidiary disclosed that it was the target of a ransomware outbreak, which resulted in the encryption of its servers and employee workstations. 

December 2022 

In the latest attack, an unknown threat group targeted two major company divisions. Still, there are no indications that the data has been stolen or modified by the threat actors, said a company spokesperson. 

Why Thyssenkrupp?

Since the massive cyber attack on Thyssenkrupp in 2016 where trade secrets of the company were stolen, the global conglomerate has become a prime target among hackers. An amalgamation of multiple companies and independent businesses that employs 96,000 people in 48 countries, Thyssenkrupp’s massive network makes it a a frequent target.