Cybercrime: Schmersal Group Operational Again Following Cyber Attack

June 23, 2020

The call came at 4.45 pm on 20 May – the Schmersal Group was officially informed that cyber criminals were planning to launch a targeted attack on the company’s network. The call was verified (it could have been a fake) and it was then down to the IT managers to think fast and take action. Their decision was ultimately to shut down the entire network – a hugely significant action. The connection to the internet was terminated within ten minutes, and within 90 minutes, the entire IT network worldwide was offline. Everything had been disconnected, from the telephone system to the entire ERP system infrastructure, as well as the entire production process and fully automated storage, at all locations. 

As it turned out, this was the only right decision, and it was implemented at exactly the right time. IT forensic experts were then able to identify the highly aggressive malware and isolate it. It was obvious that the attacker was still in the preparatory phase of the attack when the systems were shut down, and it was important to stop the attacker from completing the attack. As such, it was essential that the systems remained offline as a precaution, until they could be completely cleansed. The offline status remained in place for several days thereafter, with production at a standstill, while the administration and sales departments worked tirelessly to inform customers, suppliers and other business partners of the ongoing situation. Philip Schmersal, Managing Director, explains, ‘Situations like these really highlight how dependent companies now are on IT. Making telephone calls, e-mails, accepting orders – we had to find alternative channels for every process. We worked extremely hard to keep in contact with our customers in every conceivable way and to keep them up to date. Ultimately, it was important to minimise the impact on our customers’ supply chains. At the same time, we had a lot of “manual work” to do. As the Schmersal-specific malware was not recognised by any of the standard virus scanners at first, each computer needed to undergo an individual cleansing routine. In parallel to that, communication was maintained using replacement servers, and thousands of e-mails of orders were printed out and processed manually, and software programs booted up again.’

After a week of extremely intense work, the ERP system was up and running again and the central warehouse in Wuppertal could function again. The global communications network between the seven production sites and 64 national companies and sales representations was also successfully reactivated. It took a further week for production at the German sites to be fully restored. On the lessons learned from the incident that brought the company to a fortnightly standstill, Philip Schmersal says, ‘Firstly, we were fortunate to be warned so that we could act quickly. I was extremely impressed by the commitment of our staff who worked to maintain emergency operation without the network being available and did so completely independently of working times and departmental affiliation, even working at weekends. This crisis really showed that we live up to our corporate philosophy – we operate as one company. Staff put this into practice with fantastic commitment, thereby helping to ensure that we could get everything up and running again quickly, considering the severity of the attack.’

The responsible managers were also impressed by the close cooperation with neighbouring companies and network partners in the region. Philip Schmersal continues, ‘It was only with help from local medium-sized enterprises that we were able to complete the extensive work needed on the IT infrastructure. We’d also like to express our gratitude to a number of other companies in the automation sector that have already fallen victim to such attacks and selflessly assisted us over those fourteen days. We must also thank our customers for their patience and understanding, and in particular, our staff, for their extraordinary commitment during this difficult period.’

The attack demonstrated that standard protection from antivirus programs and a firewall is powerless in the event of a targeted attack with previously unknown malware. Schmersal has handed comprehensive information on the malware to relevant providers of antivirus programs. Providers have since acted to strengthen their protection so that, to the fullest extent possible, this particular virus can no longer inflict damage. Philip Schmersal continues, ‘Nevertheless, we have learned that company IT in medium-sized enterprises needs to redefine itself and that the topic of security really is a top priority.’


Related Articles

Changing Scene

  • Eaton Canada Welcomes Dino Alimonti as New Vice President of Sales

    Eaton Canada Welcomes Dino Alimonti as New Vice President of Sales

    Dino Alimonti has been selected as Vice President, Sales, Eaton Canada, effective July 1, 2023. In his new role, Dino will be responsible for leading, developing and executing sales strategies across key targeted industry segments. He will manage and direct the growth activities of the Sales and Channel teams as well as provide business and operational leadership to the sales teams and associated support functions. Read More…

  • Roberta Nelson Shea from Universal Robots Receives Prestigious Robotics Award for Contribution to Robot Safety

    Roberta Nelson Shea from Universal Robots Receives Prestigious Robotics Award for Contribution to Robot Safety

    For the second time within five years, a key figure at Universal Robots (UR), the Danish manufacturer of collaborative robots (cobots), has been awarded the world’s most prestigious robotics prize, the Joseph F. Engelberger Robotics Award, often described as the Nobel Prize of robotics. Following in the footsteps of UR’s co-founder Esben Østergaard, who was given the Engelberger Award in 2018 in the Technology category, Roberta Nelson Shea, UR’s Global Technical Compliance Officer received the award for Applications at a ceremony last night at the Automate Show in Detroit. Read More…

Sponsored Content
The Easy Way to the Industrial IoT

The way to the Industrial IoT does not have to be complicated. Whether access to valuable data is required or new, data-driven services are to be generated, Weidmuller enables its customers to go from data to value the easy way. Weidmuller’s comprehensive and cutting-edge IIoT portfolio applies to greenfield and brownfield applications. Weidmuller offers components and solutions from data acquisition, data pre-processing, data communication and data analysis.

Visit Weidmuller’s Industrial IoT Portfolio.

For a Multiplied Value Unified


During the last few years, the Excelpro Group has welcomed AIA Automation, Envitech Automation and Conrad Lavoie Electrical, all of which have become ‘Member of the Excelpro Group’.

It was with great excitement that in November of 2022, Excelpro announced that these three companies officially became Excelpro. This decision is part of a strategy to enhance the Excelpro Group’s brand in its market.

These companies already collaborate on various client projects. This merger brings together the complementary strengths of the employees and ensures a global synergy of the activities throughout the Group.

Read More

Service Wire Co. Announces New Titles for Key Executives

Bruce Kesler and Mark Gatewood have been given new titles and responsibilities for Service Wire Co.

Bruce Kesler has assumed the role of Senior Director – Business Development. Bruce will be responsible for Service Wire’s largest strategic accounts and our growing Strategic Accounts Team.

Mark Gatewood has been promoted to the role of Vice President – Sales & Marketing. In this role, Gatewood will lead the efforts of Service Wire Company’s entire sales and marketing organization in all market verticals.

Read More

Tri-Mach Announces the Purchase of an Additional 45,000 sq ft. Facility

Tri-Mach Elmira Facility

Recently, Tri-Mach Inc. was thrilled to announce the addition of a new 45,000 sq ft. facility. Located at 285 Union St., Elmira, ON, this facility expands Tri-Mach’s capabilities, allowing them to better serve the growing needs of their customers.

Positioning for growth, this additional facility will allow Tri-Mach to continue taking on large-scale projects, enhance product performance testing, and provide equipment storage for their customers. The building will also be the new home to their Skilled Trades Centre of Excellence.

Read More

JMP Parent Company, CONVERGIX Acquires AGR Automation, Expanding Global Reach

Convergix Automation Solutions has completed the acquisition of AGR Automation (“AGR”), a UK-based provider of custom, high-performance automation design and systems integration primarily to the life sciences industry.

Following Convergix’s acquisitions of JMP Solutions in August 2021 and Classic Design in February 2022, AGR marks the third investment in Crestview’s strategy to build Convergix into a diversified automation solutions provider targeting the global $500+ billion market, with a particular focus on the $70 billion global systems integration and connectivity segments. Financial terms of the transaction were not disclosed.

Read More

Latest Articles

  • Emerson Helps Optimize Innovative Recycling Process That Increases Sustainability of Waste-to-Energy Industry

    Emerson Helps Optimize Innovative Recycling Process That Increases Sustainability of Waste-to-Energy Industry

    Emerson is helping the Swedish cleantech company HaloSep to optimize their unique process that turns hazardous incinerator flue gas residue from waste-to-energy plants into usable materials. Emerson’s control technology and software is being deployed at HaloSep’s plant for optimization, research and technology (PORT) in Gothenburg, Sweden, to manage an innovative chemical separation process that recovers valuable salt, metals and minerals from fly ash. Read More…

  • Efficient Power Supplies – An Investment in the Future

    Efficient Power Supplies – An Investment in the Future

    In the search for a suitable power supply, the costs play a major role, alongside the technical requirements. The focus is often on the initial purchase price, while other potential costs that may be incurred during the operation of the power supply are not taken into consideration. In this blog post, we demonstrate why the decision to purchase a high-quality power supply is a profitable investment for your company, by taking a close look at all the costs involved. Read More…