Information technology services at Swiss industrial manufacturer Schlatter Industries AG have been disrupted after the company was hit by a cyberattack on Friday.
In a statement released today, the company described the attack as a “cyber-attack using malware,” with internal specialists, together with external experts, taking measures to limit the damage as fast as possible. Authorities have also been contacted and Schlatter is investigating whether data was stolen.
Though it did not disclose the form of malware, the company added that “the unknown perpetrators are attempting to blackmail Schlatter.” Any attempted “blackmail” would require leverage and that could be encrypted data or stolen data.
If it sounds like ransomware, it usually is. The blackmail, in this case, is likely a demand for a ransom payment in return for encryption keys to decrypt data and a promise not to release stolen data.
Founded in 1916, Schlatter specializes in manufacturing welding and weaving machines for various industries and is considered a global leader in resistance welding systems and weaving machines for special applications.
The company seemingly doesn’t provide services or materials in any contentious industries, such as defense, making the attack unlikely to be politically motivated, unlike numerous companies that have been targeted by Russian hackers since the invasion of Ukraine in 2022. Given the “blackmail” demand, the attack, at least on the surface, would appear to be financially motivated, with the attackers hoping that their victim will cough up money to head off any further issues.
Given the lack of disclosure of how it occurred, Roger Grimes, data-driven defense evangelist at security awareness training company KnowBe4 Inc. told SiliconANGLE that, “as always in every compromise, one of the key things the victim should do is learn how the compromise happened.”
“Was it due to social engineering… very likely …unpatched software or firmware, compromised login credentials, misconfiguration or so on,” Grimes added. “Because if the victim organization can’t figure out how they were compromised, the less likely they are to make sure they can’t be compromised the same way in the future.”