[BreachExchange] Manufacturing giant Aebi Schmidt hit by ransomware

[Destry Winant]

https://techcrunch.com/2019/04/23/aebi-schmidt-ransomware/

Aebi Schmidt, a European manufacturing giant with operations in the
U.S., has been hit by a ransomware attack, TechCrunch has learned.

The Switzerland-based maker of airport maintenance and road cleaning
vehicles had operations disrupted Tuesday following the malware
infection, according to a source with knowledge of the incident.

Systems went down across the company’s international network,
including its U.S. subsidiaries, but much of the damage was in the
company’s European base. A number of systems connected to the Aebi
Schmidt network across the world were left paralyzed. The source said
systems necessary for manufacturing operations were inaccessible
following the attack. The company’s email is also said to be affected.

It isn’t immediately known what kind of ransomware knocked the
company’s systems offline.

The multinational manufacturing giant recently expanded its U.S.
presence with the acquisition of M-B Companies, a maker of snow
removal and cleaning machines, following earlier acquisitions of
winter maintenance equipment maker Meyer Products and Swenson
Products.

After several efforts to reach the company by email, phone or
unsolicited LinkedIn messages, spokesperson Thomas Schiess confirmed a
systems outage, specifically “e-mail system troubles,” in a Facebook
message. “I can confirm that the availability of other systems was or
may still be limited, our specialists are still working on resolving
the issue, the cause is not yet clear,” he said, but would not comment
further.

On Wednesday, Schiess said its operational systems — including its SAP
business and sales systems — are working and production is “up and
running.” But, he said, the company’s Windows network is “affected by
a virus” and other systems were shutdown as a precaution.

“Technicians are working hard to restore the Windows environment, but
this will take some time,” he said.

But the source said employees were sent home — in some cases forced to
take unpaid leave.

Schiess would not comment on claims of ransomware specifically, but
the source said staff were told during an all-hands meeting Wednesday
that the incident was a “ransomware attack.”

Aebi Schmidt is the latest company downed by ransomware in recent weeks.

Aluminum manufacturing giant Norsk Hydro was forced offline briefly
following a ransomware attack in March. The company quickly recovered
after it put in place its backup recovery process. It was a better
response than drinks company Arizona Beverages, which was hit by
ransomware a month later, causing its systems to shutter for a week —
despite warnings from the FBI weeks earlier that the company was
infected with malware lying dormant.