Breach Notification , Fraud Management & Cybercrime , Incident & Breach Response

Cyber Incident Knocks Construction Firm Palfinger Offline

Unknown Attack Has Disrupted the Company's Global IT Infrastructure
Cyber Incident Knocks Construction Firm Palfinger Offline
The cyber incident notification posted to Palfinger's website

The Austrian construction equipment manufacturing firm Palfinger AG reports being hit with a cyberattack that has knocked the majority of its worldwide IT infrastructure offline.

See Also: Gartner Guide for Digital Forensics and Incident Response

"Currently, the Palfinger AG and the majority of its sites are the target of an ongoing global cyberattack with massive effects on its IT infrastructure," states a notification posted to the company's U.S. website on Monday.

Palfinger says it does not yet know the extent or full impact of the attack, or how long it will continue, but it is making an intensive effort to find a solution.

"For the time being, Palfinger cannot be contacted via e-mail nor can it receive or process inquiries, orders, shipments and invoices. ­Your personal points of contact during this phase are only available by telephone," the company says.

The company did not indicate what type of attack is taking place. But Brett Callow, threat analyst with the security firm Emsisoft, says: "Given Palfinger's statement that the attack is affecting multiple systems and sites, ransomware is the most likely explanation."

Palfinger has more than 11,000 employees spread over 35 locations worldwide. The company's primary business is the manufacture of hydraulic lifting, loading and handling systems and cranes.

Palfinger did not immediately reply to Information Security Media Group's request for additional information about the incident

Manufacturing Under Attack

In another incident in the manufacturing sector, Kawasaki Heavy Industries reported Monday that, in December 2020, an unknown threat actor gained access to its internal network through servers located in an overseas office, with some data possibly being leaked to a third party, according to a company statement (see: Kawasaki: Cyber Incident May Have Resulted in Data Loss).

The breach was discovered on June 11 after an internal audit found an unauthorized connection between a company server in Japan and another corporate server located in Thailand, the company says. Communication with the Thai server was immediately severed, but the follow-up investigation found additional unauthorized connections.

The Japanese auto giant Honda acknowledged in June 2020 that it had been victimized in a way that affected production operations at several of its global facilities, including plants in the U.S., Japan, Turkey and Italy. A hacker accessed and inserted malware into an internal server at a Honda facility in Japan that eventually spread throughout the company's network (see: Honda Confirms Hack Attack Disrupted Global Production).


About the Author

Doug Olenick

Doug Olenick

Former News Editor, ISMG

Olenick has covered the cybersecurity and computer technology sectors for more than 25 years. Prior to his stint as ISMG as news editor, Olenick was online editor for SC Media, where he covered every aspect of the cybersecurity industry and managed the brand's online presence. Earlier, he worked at TWICE - This Week in Consumer Electronics - for 15 years. He also has contributed to Forbes.com, TheStreet and Mainstreet.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.