Baar, 16.09.2020

Cyberattack on parent company of Rittmeyer

The Brugg Group of industrial companies, together with its subsidiary in Zug, has become the victim of a cyber attack: unknown persons have encrypted the data on the company's computer systems – and the perpetrators are now demanding money.

The Brugg Group was the victim of a cyber attack last Thursday. According to a statement from the company, previously unknown perpetrators have "encrypted internal data on some of the IT systems of the Brugg Group." The internationally active group, which is based in Brugg in Aargau and specialises in cable systems, rope technology, pipe systems and process control technology, reacted immediately. "As an immediate measure, all IT systems in the entire group were shut down," writes the company.

The Brugg Group also includes the Baar-based company Rittmeyer, which develops measurement and control technology solutions for energy and water supply, hydropower plants and wastewater treatment plants, and employs around 210 people in Baar. The Rittmeyer systems are integrated into the IT infrastructure of the Brugg Group, explains media spokeswoman Patricia Iten: "The immediate measures taken therefore also shut down the servers of the Rittmeyer companies," adds the spokeswoman.

Previously unknown perpetrators have encrypted data on the IT systems of the Brugg Group

Perpetrators now demanding money for decryption
The Brugg Group was prepared for such a scenario, and immediately set up a task force with internal and external IT and forensics experts, who are currently carrying out a thorough investigation of the incident. "Our specialists are working hard to fix the IT fault as quickly as possible," the company assures. At the same time, law enforcement agencies were called in and a criminal complaint has been filed. In addition, notification was made to the relevant data protection authorities, both at home and abroad.

Media spokeswoman Patricia Iten says: "We can confirm that the perpetrators have made a demand for money." This form of extortion is common in such cyberattacks – if the company pays, the encryption of the data is removed. The spokeswoman did not say how much money was being demanded, or whether the Brugg Group have made a payment. "We are currently unable to provide any further information on this," says Iten. The top priority for the Brugg Group at the moment is to restore normal business operations. "Together with our internal and external IT experts, we are currently working hard to identify all the impacts of this cyberattack."

Despite the cyberattack, the manufacturing operations at home and abroad were able to continue to operate normally." The IT systems are now gradually being restarted under the highest security precautions," continues the Brugg Group. Protecting customers and their data is a top priority for the company. Customer cloud systems hosted by Brugg Group were not affected by the cyberattack, and will continue to operate.