ThyssenKrupp, one of the world’s largest steelmakers, has revealed that it was the victim of a ‘massive cyber attack’ earlier this year.
The company was targeted by attackers from southeast Asia in what it has described as “organised, highly professional hacker activities”. The hackers were trying to obtain “technological know-how and research results”, according to the company.
“ThyssenKrupp has become the target of a massive cyber attack,” the company said in a statement.
The attack targeted systems from ThyssenKrupp’s Industrial Solutions and Steel Europe divisions. The complete loss of intellectual property has not been confirmed, however the company noted that “fragments of data” were stolen. The content of the data remains unclear, aside from project data from an engineering plant.
Critical IT systems such as those used by its Marine Systems division, which builds naval vessels and submarines, or by its blast furnaces and power plants, were not affected.
The company’s internal security team discovered the breaches in April, and was able to trace them back to February. ThyssenKrupp held off publicising the attack while it cleansed its systems.
“It’s important not to let the intruder know that he has been discovered,” said a spokesperson.
The company is certain that the attack was neither the result of security deficiencies, nor human error. Cyber-crime units of the police force remain involved.
In a bleak statement, the company concluded, “Experts say that in the complex IT landscapes of large companies, it is currently virtually impossible to provide viable protection against organised, highly professional hacking attacks.”