A ransomware attack shut down European manufacturer, Aebi Schmidt.
The Switzerland-based maker of airport maintenance and road cleaning vehicles had operations disrupted Tuesday following the attack, according to a report in TechCrunch citing a source with knowledge of the incident.
Systems went down across the company’s international network, including its U.S. subsidiaries, but much of the damage was in the company’s European base. A number of systems connected to the Aebi Schmidt network across the world ended up paralyzed. The source said systems necessary for manufacturing operations were inaccessible following the attack. The company’s email is also said to be affected.
It isn’t immediately known what kind of ransomware knocked the company’s systems offline.
The multinational manufacturing giant just acquired M-B Companies, a maker of snow removal and cleaning machines, following earlier acquisitions of winter maintenance equipment maker Meyer Products and Swenson Products.
Company spokesperson Thomas Schiess confirmed a systems outage, specifically “email system troubles. I can confirm that the availability of other systems was or may still be limited, our specialists are still working on resolving the issue, the cause is not yet clear,” he said in the report, but would not comment further.
On Wednesday, Schiess said its operational systems — including its SAP business and sales systems — are working and production is “up and running.” But, he said, the company’s Windows network is “affected by a virus” and other systems were shutdown as a precaution.
“Technicians are working hard to restore the Windows environment, but this will take some time,” he said.
But the source said employees were sent home — in some cases forced to take unpaid leave.
Schiess would not comment on claims of ransomware specifically, but the source in the TechCrunch report said staff were told the incident was a “ransomware attack.”
Aebi Schmidt is the latest company hit by ransomware. Aluminum manufacturing giant Norsk Hydro was forced offline briefly following a ransomware attack in March. The company quickly recovered after utilizing its backup recovery process. In addition, beverage maker, Arizona Beverages, suffered a ransomware attack earlier this month, shutting down its systems for a week.
“Flip a coin – that’s basically the odds of any organization being targeted,” said Terry Ray, senior vice president and fellow at security provider Imperva. “Ransomware infections are common, they typically get in through the oldest trick in the book, phishing. If you want to avoid being in the next headline, it will pay to be prepared now as to minimize operational downtime and decrease the expense associated with an attack, which could ultimately span to millions of dollars.
“The best way to prevent an attack is to immediately detect ransomware data access behaviors before the ransomware spreads across the network and encrypts critical data stores. Once detected, you can quarantine impacted users, devices and systems. Having a strategy that takes into account what happens when a cyber-attack occurs, whether it’s ransomware or another method, is essential to resiliency.”