Danish pump maker DESMI reported a cyber attack on its servers overnight on 7-8 April
Attackers targeted DESMI’s communications systems and requested a ransom for data recovery, however the company said its enterprise resource planning (ERP) and finance systems were untouched.
DESMI’s production sites in China, India, America, and Denmark continue running normally, with only minor disruptions, the company said.
At present, the scale of data loss is being investigated and the incident has been reported to the authorities and Danish Police.
Since the attack, DESMI said it has had support from external experts and has focused on restoring systems to normal operations and assessing the full scope of incident’s impacts.
DESMI chief executive Henrik Sørensen said it is likely that data was stolen from the systems, and predicted the perpetrators would try to misuse the data.
“Our communication systems were affected by the cyber attack but due to a fantastic job performed by many employees and external experts our communication systems are back online. Emails from the past week [have all been] received by DESMI, but due to the situation, not distributed to the intended DESMI employees until later ... Therefore, we now have a huge task of replying to these emails from the past week, and ensuring all emails and requests are dealt with in a proper way.”
The company said it had started restoring its systems.
“[The] first part of our systems will be up and running within a couple of days and the rest within a couple of weeks,” Mr Sørensen said.
“Everything is progressing according to plan. We are recovering systems and together with external experts we are working intensively to minimise customer impact and impact on operations. Everyone is doing a fantastic job to get the systems operational again.”
DESMI said it will provide operational updates to all customers and business partners as soon as possible.