Lacroix develops and manufactures electronic equipment for the automotive, home automation, aerospace, industrial, and healthcare industries. Lacroix also creates and manufactures equipment for the administration of critical infrastructures.
The corporation thwarted a cyberattack on its locations in France (Beaupréau), Germany (Willich), and Tunisia (Zriba) during the night of May 12 into May 13, while other sites were successfully guarded.
Even while the corporation would not state unequivocally that it was an attack involving ransomware, it did reveal that “some local infrastructures have been encrypted and an analysis is also being carried out in order to identify any exfiltrated data.”
Before bringing those plants back online, Lacroix wants to be absolutely certain that the attack has been entirely controlled first. They believe that it will take them till the 22nd of May to recover the data from their backups and begin production again.
The corporation said that it has temporarily disabled a number of its online services in order to evaluate the extent of the losses caused by the assault.
According to a statement that was issued by Lacroix, investigations are now being conducted to guarantee that the attack has been totally controlled before the systems of these locations are restarted. “However, some of the local infrastructures have been encrypted, and an investigation is also being carried out in order to identify any data that may have been exfiltrated.”
Attacks by ransomware that interfere with the operation of industrial facilities may result in enormous expenses for the businesses that are victimized.
In 2019, the Norwegian aluminum business Norsk Hydro was attacked by cybercriminals using the Locker Goga ransomware. As a result of the attack, some of the company’s factories were forced to temporarily shut down. The business did not pay the demanded ransom, which resulted in significant financial losses for the organization totaling tens of millions of dollars.
Lacroix stated in its statement that “it should be noted that the activity of these three sites represents 19% of the group’s total sales in 2022.” However, the company also mentioned that “given the favorable calendar with only three days of effective production this week on the French and German sites, [the company] does not envisage at this stage any significant impact on the performances announced for the Group for the whole of 2023.” In order for the firm to properly examine the level of damage inflicted by the attack, it has temporarily disabled a number of its online platforms.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.