11 October 2021

Engineering firm Weir Group suffers ‘sophisticated’ ransomware attack


Engineering firm Weir Group suffers ‘sophisticated’ ransomware attack

Weir Group, one of Scotland's biggest engineering firms, revealed it was victim of “a sophisticated attempted ransomware attack” in the second half of September forcing the company to shut down some of its operations

In a statement, the mining equipment firm said that “Weir’s cybersecurity systems and controls responded quickly to the threat” and took a number of measures, such as isolating and shutting down IT systems including core Enterprise Resource Planning (ERP) and engineering applications. However, the company said the incident led to shipping delays worth more than £50m in revenue.

Weir estimates that the incident could cost it as much as £5 million.

“As a result of the rephasing of shipments caused by the cybersecurity incident, the Group experienced revenue deferrals of c.£50m in September alongside overhead under-recoveries in manufacturing and engineering,” the firm said in the statement.

While the investigation into the breach is still ongoing, at this point no evidence has been found that any personal or other sensitive data has been exfiltrated or encrypted, it said.


Back to the list

Latest Posts

LightBasin hackers compromised 13 global telecoms in just two years

LightBasin hackers compromised 13 global telecoms in just two years

LightBasin is active since at least 2016 and is focused on Linux and Solaris servers, only interacting with Windows systems as needed.
20 October 2021
Suspected Chinese hackers reportedly hit 9 Israeli hospitals

Suspected Chinese hackers reportedly hit 9 Israeli hospitals

Attempted attacks come days after a massive ransomware attack on Hillel Yaffe Medical Center, attributed to the DeepBlueMagic group.
19 October 2021
State-sponsored hackers target orgs in South Asia with custom backdoor

State-sponsored hackers target orgs in South Asia with custom backdoor

Harvester has been observed using both custom malware and publicly available tools, such as Cobalt Strike Beacon and Metasploit, in their attacks.
19 October 2021