In mid-October, Pilz GmbH & Co. KG became the target of a major cyberattack. Sever and communication systems belonging to the Germany-based automation company were affected worldwide. After four weeks, the company is drawing some initial conclusions: Pilz has overcome the attack; production and most areas of customer service have been re-established. Overall, the family business is emerging from the attack stronger. What’s more, the company is speaking out about the gravity of the threat level.
On October 13, the monitoring systems on the Pilz web servers recorded suspicious activity, which was identified as a hacker attack. Immediately after the onset of the attack, Pilz switched off all the company’s networks and servers to prevent a potential proliferation of the attack, both within the company and externally. However, the perpetrators had already used an encryption trojan, known as ransomware, to attack the worldwide server and encrypt some of the data.
Involving the authorities
Within a few hours of the attack, Pilz had notified the authorities and lodged a complaint. “With regard to the attack, we are in the best of hands with the investigating authorities. However, we can say this much: no customer or supplier data was breached and no viral proliferation of the attack has been identified. That’s good news!”, reports Thomas Pilz, Managing Partner of Pilz. In the first few days, the company used agile methods to get organized using whiteboards and secure messaging services. Working groups were formed and priorities were established. Even as the attack was being countered, forensic experts were painstakingly checking which areas of the network had been affected and were cleaning the data. Step by step, the company is getting its IT infrastructure back into operation. However, it will be some time before the usual level of full IT services is once again available.
Customers: Our number one priority
“The number one priority is to support and supply our customers to our usual level of high quality”, explains Susanne Kunschert, managing Partner. Production at the European sites is now running at the same level as before the attack. For the time being, production and logistics are working additional shifts to guarantee deliveries. Customer Support is in direct contact with customers around the world. The company also believes that the current situation provides opportunities to strengthen the company – and not only with regard to the IT. “The last few weeks have shown that while technology may fail, the solidarity and engagement of our employees and customers, and their willingness to resolve problems together, have carried us through. We are positive as we look to the future.”
Sharing experiences and raising awareness
Kunschert added: “The current wave of attacks against us and many other companies clearly demonstrates that cybercrime is increasingly becoming a serious threat to peace and prosperity in our world. We must all make a great effort to ensure that this type of organized criminality is given greater attention and that companies, association, authorities and politicians work more closely together to ensure that other companies and institutions are spared what we went through!”
The target of the cyberattacks at Pilz was the company’s IT systems for “office communication”. However, the automation company supplies products and solutions in the field of safety and security that serve to protect human and machine (machinery safety) and protect plant and machinery from unauthorized access or manipulation (industrial security). As a safe automation company, Pilz will use the experiences from the current cyberattack to expand its existing expertise in the field of safety and security and share this with its customers.