The German manufacturer of military equipment, weapons and components for Rheinmetall cars confirmed that the Black Basta extortion group is behind the cyberataka for the company’s system in April.
The company representative said that Rheinmetall continues to work on eliminating the consequences of the attack. According to the representative of RheinMetall, the cyberurine was affected only by the civil business of the company that uses a strictly divided IT infrastructure.
The company is also a key supplier of the Leopard tank. Rheinmetall announced the incident to the relevant authorities and filed a statement to the prosecutor’s office of Cologne.
Earlier in April, the representative of Rheinmetall reported that the attack affected the business unit of the company, which serves industrial customers, in particular, in the automobile sector. Rheinmetall defense unit, which produces military equipment, weapons and ammunition, has not suffered and continues to work in the same mode.
Note that Rheinmetall was already subjected to cyber attack in 2019, as a result of which the IT infrastructure of the Rheinmetall Automotive division was infected with malicious software. Representatives of the company did not reveal the details of the incident. Then the company only stated that the recovery period after the attack would take about 2-4 weeks, and the losses will amount to € 3 million – € 4 million per week.
Black Basta is an operator of boards and a criminal organization offering Ransomware-AA-A-Service (RAAS), which first appeared in early 2022 and immediately became one of the most active groups of the RAAS threats in the world, numbering more than 100 confirmed victims for the first few months of work.
Recently, the group attacked the Swiss company ABB, one of the world leaders in the field of robotics. According to sources, the attack affected hundreds of company devices. It is reported that the attack violated the work of the company, detained projects and influenced the work of factories.