French electronics manufacturer Lacroix closed three factories as a result of a cyberattack they “intercepted” over the weekend, the company has announced on Monday.
Lacroix designs and produces electronic equipment for the automotive, home automation, aerospace, industrial and health sectors, as well as connected equipment for the management of critical infrastructures.
The Lacroix cyberattack
During the night of May 12 to May 13, the company has blocked a cyberattack on its French (Beaupréau), German (Willich) and Tunisian (Zriba) sites, while other sites have been secured.
Although the company did not explicitly say it was a ransomware attack, it confirmed that “some local infrastructures have been encrypted and an analysis is also being carried out to identify any exfiltrated data.”
Lacroix is aiming to make sure that the attack is completely contained before getting those plants back online. They estimate that it will take them until May 22 to restore data from backups and resume production.
Ransomware attacks can be very costly
Ransomware attacks that disrupt the functioning of manufacturing facilities can lead to huge costs for victim companies.
In 2019, Norwegian aluminum company Norsk Hydro was hit by attackers wielding the Locker Goga ransomware, and had to temporarily shut down several plants. The company refused to pay the ransom, and the incident ended up costing them tens of millions of dollars.
“It should be noted that the activity of these three sites represents 19% of the group’s total sales in 2022,” Lacroix said in its statement, but also noted that “given the favourable calendar with only 3 days of effective production this week on the French and German sites, [the company] does not envisage at this stage any significant impact on the performances announced for the Group for the whole of 2023.”