International electronics manufacturer Lacroix has reportedly intercepted a targeted cyber-attack on its activity sites in France (Beaupréau), Germany (Willich) and Tunisia (Zriba).
To assess the damages caused by the attack, the company said it temporarily shut down several online systems.
“Prior to restarting the systems of these sites, investigations are underway to ensure that the attack is completely contained,” Lacroix wrote in a statement. “However, some local infrastructures have been encrypted, and an analysis is also being carried out to identify any exfiltrated data.”
Read more on similar attacks: Bitmarck Halts Operations Due to Cybersecurity Breach
These operations, combined with the need to use backups to restore systems, are expected to require a few days, leading to the closure of the three sites for the week.
“Even if it is still too early to know exactly when production will resume, Lacroix is aiming for a reopening on Monday, May 22nd,” reads the statement.
In the meantime, the firm said partial activity measures had been implemented, and a tailored management and restart plan has been devised for each site.
“Louis Pourdieu, General Manager of the Electronics EMEA activity, with the support of his teams, is informing customers and suppliers about the closure and the conditions for restarting these sites,” Lacroix added.
The affected sites represent a significant portion of the company, accounting for 19% of the group’s total sales in 2022. However, due to a “favorable calendar” this week, with only three days of production, Lacroix does not anticipate any significant impact on the overall performance projected for the group in 2023.
Oz Alashe MBE, CEO of CybSafe, emphasizes that the closure of three Lacroix factories is a stark reminder that cyber security must surpass compliance and tick-box exercises.
“Ransomware, wiperware, and any other type of malware are preventable. It starts with basic cyber hygiene: network segmentation, backups, regular patching, and vulnerability assessments,” the executive explained.
“However, organizations that want to stay ahead of criminals (and competition) will be promoting positive security behaviors, treating them as a core value or an active process. People want to be part of the solution. Give them the tools and training to allow them to be effective.”
The attack on Lacroix comes six months after DNV, a Norwegian software supplier, was affected by a ransomware attack that impacted roughly 1,000 shipping vessels.