
Real deal: Hackers steal steelmaker trade secrets

ThyssenKrupp acknowledges attack, claims defense is 'virtually impossible'

By Thomas Claburn, 8 Dec 2016

German steel maker ThyssenKrupp AG on Thursday said trade secrets were stolen in a cyber-attack earlier this year.

The company characterized the incursion in a statement as "a professional attack, apparently from the Southeast Asian region."

The attackers sought to steal technological and research data related to ThyssenKrupp's Business Area Industrial Solutions, a division responsible for the design, construction, and service of industrial plants and associated systems.

A company spokesperson, in an email to The Register, said that "data fragments have been stolen," but declined to confirm additional details presented in a Reuters report.

The company said it doesn't have an estimate about the extent of the intellectual property loss, apart from "certain project data in an operative engineering company." No further information about the nature of this project has been disclosed.

Germany's Federal Office for Information Security (BSI) did not immediately respond to a request for comment.

According to Reuters, the attack was detected in April and is believed to have started in February. The company reportedly delayed publicizing the attack in order to address the issue across its facilities all at once.

In its statement, ThyssenKrupp said the attack was not attributable to security failings or to human error. It went so far as to claim that it couldn't have mounted a successful defense against skilled attackers.

"Experts say that in the complex IT landscapes of large companies, it is currently virtually impossible to provide viable protection against organized, highly professional hacking attacks," the company said.

The company's spokesperson declined to comment further on the nature of the attack or what allowed it to succeed.

ThyssenKrupp said affected IT systems have been updated and are now subject to ongoing monitoring to detect subsequent attacks. It also stressed that IT systems for its submarine business and for its blast furnaces and power plants in Duisburg were not affected.

This may not have been the case two years ago, when Germany's BSI issued a report [PDF] stating that a blast furnace in the country, operated by an undisclosed company, suffered massive physical damage as a result of a cyber attack.

Citing unnamed sources, Bloomberg at the time said ThyssenKrupp was the company in question. ThyssenKrupp, however, denied that claim.

In 2012, German magazine Der Spiegel reported that ThyssenKrupp had been targeted by Chinese hackers interested in industrial espionage.

Citing a recent BSI survey, ThyssenKrupp said 66 per cent of respondent organizations have been targeted by online attacks, and only 44 per cent of those companies mounted a successful defense. ®

The Register - Independent news and views for the tech community. Part of Situation Publishing