A malware infection at German car parts manufacturer Rheinmetall Automotive has caused “significant disruption” to production at company plants in Brazil, Mexico, and the United States, the company disclosed Thursday.
Rheinmetall Group, the manufacturer’s parent company, said it expects to lose 3 to 4 million euros, or $3.28 to $4.38 million, per week due to the incident, starting next week. Rheinmetall Automotive provides top car manufacturers with auto parts such as pistons, engine blocks, and emissions control equipment, according to its website. Rheinmetall Group’s IT systems outside of plants in those three countries do not appear to be affected, the company said.
Since late Tuesday, Rheinmetall Automotive said in a statement, it has been grappling with “malware attacks” and the “length of the disruption cannot be predicted at this time. The most likely scenarios suggest a period lasting between two and four weeks.”
Shares in the company dropped early Friday on the heels of the incident.
A spokesperson for Rheinmetall Automotive could not be reached for comment on the type of malware deployed and who the suspected attacker was.
Manufacturers have in some cases opened up more avenues for hackers by embracing digitization in recent years, observers say. The sector is also saddled with legacy devices that aren’t properly secured, according to David Wolf, principal security researcher at cybersecurity company Forescout.
Among the sectors the Forescout tracks, Wolf said, “manufacturing has a significant ratio of unmanaged Windows devices, and the highest ratio of unknown, unclassified devices, partly because manufacturing firms use a lot of legacy, embedded technology that’s sensitive to active inspection.”
One of the most impactful recent cybersecurity incidents in the manufacturing sector occurred at Norsk Hydro, a top aluminum producer. In March, Norsk Hydro was hit with malware that forced the company to temporarily stop some production and switch to manual operations in some areas.