German automotive and arms manufacturer Rheinmetall breached by a ransomware gang

The Black Basta hacker group added Rheinmetall, a renowned global weapons manufacturer, to its list of victims of cyberattacks on the group’s dark web blog. The blog post showcased several screenshots of purportedly stolen data, including what appears to be a blueprint of manufacturing equipment. The exposure of Rheinmetall on this platform raises concerns about the potential compromise of sensitive information and the implications for the company’s security.

The company has since confirmed the cyberattack, stating: ‘Rheinmetall is continuing to work on resolving an IT attack by the ransomware group Black Basta. This was detected on 14th April 2023. It affects the Group’s civilian business.’ The company has reportedly managed to prevent the attack from affecting its military business.

Image: Cyber News

In the beginning of the year, Killnet, a former pro-Russian hacker collective now operating as a private military company, Killmilk, urged its followers to launch coordinated attacks on various internet protocol (IP) targets, including Rheinmetall’s IT infrastructure in Germany and Australia.

During that period, a representative from Rheinmetall acknowledged the rise in network requests. However, Rheinmetall’s IT Security team did not identify any significant obstacles that would hinder the company’s IT infrastructure from functioning normally.

Based in Düsseldorf, Germany, Rheinmetall holds a significant position in the automotive and arms manufacturing industry. The company has controlling stakes in Rheinmetall MAN Military Vehicles and Rheinmetall BAE Systems Land. With a workforce of over 27,000 employees, Rheinmetall boasts a revenue of over $6 billion.