Aebi Schmidt, a European industrial conglomerate, has been left without email access after a ransomware attack hit the the €413 million revenue company.
The Switzerland-based company, which provides specialist road cleaning and sweeping vehicles, including to a wide range of leading airports, confirmed it had suffered an incident in an information-thin note to customers on Wednesday.
“Due to an IT system failure, the Aebi Schmidt Group can temporarily neither receive nor send emails. The telephone systems are working as usual” it said, adding that only Windows machines are affected and had to be “rebooted step-by-step”.
The company, which employs over 1,800 staff worldwide, blamed “an attempt by third parties to infiltrate malware into our systems” for the system outages.
It did not respond to numerous calls requesting comment.
The attack comes as ransomware attacks spiked in the first quarter of 2019, as a new Malwarebytes threat report shows. WannaCry, Troldesh and Gandcrab were, as ordered, the top three forms of ransomware Malwarebytes detected.
The report notes that: “Business ransomware detections… exploded, with nearly 200 percent more ransomware found on endpoints than the previous quarter. In addition, ransomware detections have skyrocketed an incredible 500 percent year over year.”
Malwarebytes said: “We’ve mentioned how ransomware is no longer the innovative force it once was, instead choosing to rework and update older infections. Troldesh is no exception, having been around since 2014.”
Fraser Kyne, EMEA CTO at cyber security firm Bromium told Computer Business Review: “Organisations need to create cyber resilience by adopting layered cybersecurity defences that utilise application isolation to contain malicious threats, providing rich-threat telemetry about the hacker’s intent that hardens the entire defensive infrastructure against known and unknown malware attacks.”
He added: “This allows organisations to keep critical IP protected and help them stay one-step ahead of new techniques or services being deployed by cybercriminals.”