Germany-based industrial conglomerate ThyssenKrupp was hit by a cyberespionage attack earlier this year that resulted in data being stolen from its industrial solutions and steel producing units.
An investigation revealed that the attack was carried out by a professional group of hackers from Southeast Asia and targeted technological know-how and research, according to the group,
While hackers managed to steal some information, its exact nature is not clear, with the exception of certain project data from an engineering company, ThyssenKrupp said in an emailed statement Thursday. As a result, at this time there’s no reliable estimation of the damage to the company’s intellectual property.
No evidence of sabotage or manipulation of data or applications has been identified during the investigation, the company said.
Created through the 1999 merger of German steel makers Thyssen and Krupp, ThyssenKrupp has over 470 subsidiaries worldwide. It is one of the largest steel producers in the world, but it also does business in the automotive, aerospace, shipbuilding and battery industries.
The attack only affected systems from the conglomerate’s Industrial Solutions and Steel Europe business divisions. Critical IT systems, like those used by its Marine Systems business unit, which builds naval vessels and submarines, or by its blast furnaces and power plants in Duisburg, were not affected, according to the company.
This is the latest in a long string of cyberespionage attacks that have targeted industrial companies in recent years and highlights the challenges they face in today’s hostile Internet environment.
ThyssenKrupp did not provide details about how the attack occurred but said that it wasn’t the result of security deficiencies at the company or human error.
“Experts say that in the complex IT landscapes of large companies, it is currently virtually impossible to provide viable protection against organized, highly professional hacking attacks,” the company said.