German shipyard building Israeli subs targeted in 'massive' cyber attack
ThyssenKrupp says technical trade secrets were stolen in February from its steel production and manufacturing plant design divisions—but not from marine division; conglomerate attributes breaches to unnamed attackers located in southeast Asia.
FRANKFURT - Technical trade secrets were stolen from the steel production and manufacturing plant design divisions of ThyssenKrupp AG in cyber attacks earlier this year, the German company, which is contracted to build three submarines and four warships for the Israeli Navy, said on Thursday.
"ThyssenKrupp has become the target of a massive cyber attack," the industrial conglomerate said in a statement.
Despite that, the company said no breaches were found at its marine systems unit, which produces military submarines and warships.
In breaches discovered by the company's internal security team in April and traced back to February, hackers stole project data from ThyssenKrupp's plant engineering division and from other areas yet to be determined, the company said.
ThyssenKrupp, one of the world's largest steel makers, attributed the breaches to unnamed attackers located in southeast Asia engaged in what it said were "organized, highly professional hacker activities."
Globally, cyber attacks on banks, retailers and other businesses have led to widespread consumer data breaches and mounting financial losses in recent years, but revelations of industrial espionage are rare.
ThyssenKrupp's belated disclosure came a week after an attack on nearly 1 million routers caused outages for Deutsche Telekom customers.
German business magazine Wirtschafts Woche reported the attacks hit sites in Europe, India, Argentina and the United States run by the Industrial Solutions division, which builds large production plants. The Hagen Hohenlimburg speciality steel mill in western Germany was also targeted, the report added.
The company declined to identify specific locations which were infected or why it had not previously disclosed the attack. It said it could not estimate the scale of the intellectual property losses.
A criminal complaint was filed with police in the state of North Rhine-Westphalia and an investigation is ongoing, it said. State and federal cyber security and data protection authorities have been kept informed, as well as Thyssen's board.
Secured systems operating steel blast furnaces and power plants in Duisburg, in Germany's industrial heartland in the Ruhr Valley, were unaffected, the company said.
The infected computer systems have been cleansed and are now subject to constant monitoring against further cyber attacks.
A previous cyber attack caused physical damage to an unidentified German steel plant and prevented the mill's blast furnace from shutting down properly.
The country's Federal Office for Information Security (BSI) revealed two years ago that the attack caused "massive damage", but gave no further technical details and the location of the plant has remained shrouded in mystery.
Subsequent media reports identified the target as a ThyssenKrupp facility, but the company has denied it was hit.
The company, a major supplier of steel to Germany's automotive sector and other manufacturers, is looking to merge its European steel operations with Indian-owned Tata Steel to combat over-capacity in the sector.