Semiconductor manufacturer Semikron hit by LV ransomware attack

German power electronics manufacturer Semikron has disclosed that it was hit by a ransomware attack that partially encrypted the company’s network.

Semikron has over 3,000 employees in 24 offices and 8 production sites worldwide across Germany, Brazil, China, France, India, Italy, Slovakia, and the USA, with a turnover of around $461 million in 2020.

It also says it’s one of the world’s leading power engineering component manufacturers, with 35% of the wind turbines installed each year operating with its technologies.

LV ransomware attack

“The SEMIKRON Group has been the victim of a cyber attack by a professional hacker group. As part of this attack, the perpetrators have claimed to have stolen data from our system,” the company revealed in a statement published Monday.

“The attack has also led to partial encryption of our IT systems and files. The entire network is currently being studied and adjusted forensic.”

According to an alert issued by the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik) and seen by BleepingComputer, the ransomware operators are blackmailing the company and threatening to leak allegedly stolen data.

While the company didn’t share any information about the ransomware used in the incident, a ransom note deployed on one of the encrypted Semikron systems seen by BleepingComputer indicates it was an LV Ransomware attack and says the attackers stole 2TB worth of documents.

Claims of data theft under investigation

Semikron is investigating attackers’ claims that they stole data from the encrypted systems before encryption with the help of external cybersecurity and forensic experts.

The company added that it also informed and collaborates with relevant authorities throughout the investigation and would alert customers and partners if any evidence of data theft is found.

“At the same time, we are working on restoring the working ability to minimize disruptions for our employees, customers and contractual partners and to ensure the best possible security of our IT systems,” Semikron added.

“We are also supported by the competent authorities in the investigation and coordination of further measures.”

A Semikron spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today.

Comments

Jez-The-Penguin – 2 days ago
“a ransomware attack that partially encrypted the company’s network”, I am trying to work out how you would encrypt a Cat5/6 cable tie a really tight knot in it? I supposed you could encrypt the OS on a switch which would be an interesting attack given the 6 month lead time on switches these days.
Darkice – 2 days ago
You seriously think that when someone refers to a “network”, it just means cat5/6 cables?
Jez-The-Penguin – 1 day ago
I am sorry I offended you by pointing out the less than optimal use of the English language by an IT professional.
The company itself seems to have a handle on it “The attack has also led to partial encryption of our IT systems and files”
Alas the art of using the correct words to fully describe things seems to be on fading in to history like newspapers and editors.
JohnnyJammer – 17 hours ago
TBH, you can blast a large ATX009 signal down the copper and degrade over time, only 1 prob with that.
It takes yonky donks and also do we include TSP?
Its never the copper that carries the failed signal but the device on each end 🙂