Cyber attack on Richard Wolf GmbH: Restrictions on communication have been largely reduced, logistics gradually return to normal operations
In the wake of the cyber attack at the beginning of November work on the forensic analysis, cleanup and restarting of IT systems continues at full speed. The company's telephone services and the bulk of staff's personal email accounts have returned to normal operation. It is expected that by the end of the week, the previous restrictions in the company's logistics IT will also be resolved.
When restarting IT services, Richard Wolf GmbH is relying on a multistage security process accompanied by external IT forensic experts to prevent the systems from being re-infested and rule out re-entry via possible backdoors by the cyber criminals.
In cyber security the guiding principle is for years: "it is not a question of whether you will become a victim of a cyber attack, but when you will become a victim of a cyberattack." For this reason, Richard Wolf GmbH had prepared for this scenario in recent years and taken technical and organizational precautions with its own specialist staff, internal trainings and external consulting. This also includes open, transparent communication with the cyber attack and its temporary consequences for the company. For that reason, the company immediately announced the cyber attack to the relevant authorities, suppliers, major customers as well as the workforce and received understanding, goodwill and also offers of support in overcoming the particular challenge. For Richard Wolf GmbH dealing openly and transparently with the current challenge is an important aspect of the corporate culture, which is characterized by long-standing, sustainable and trusting cooperation with suppliers, customers and employees.
The cyber attack at a glance:
In the night from Wednesday to Thursday, 03 November 2022, Richard Wolf GmbH was attacked by professional cyber criminals using sophisticated malware. These cyber criminals belong to organized crime and are responsible for a current wave of cyber attacks on well-known companies worldwide. Richard Wolf GmbH's protective measures have ensured that data and systems have been protected to the greatest possible extend. Nevertheless, the cyber criminals managed during the short attack period to exfiltrate data from the systems, encrypt the systems and blackmail the company with the key and the data. Richard Wolf GmbH did not respond to the cybercriminals ransom demand and is thus following the recommendations of cybersecurity experts and investigative authorities, as well as the experience of other companies after cyberattacks.
A full cleanup and recovery of all systems has already started with the support of external cybersecurity consultants and in coordination with investigators from the Landeskriminalamt, which is the German State Criminal Police Office. However, it must be prevented that the new systems and their new safeguards can be infiltrated and attacked again through backdoors or undedected infected files. For this reason, extreme care and caution must be exercised here and only a gradual rollout is possible. Further short-term restrictions in digital communication and availability can therefore not be ruled out completely.
Richard Wolf GmbH is a medium-sized medical technology company with over 1,500 employees, along with eighteen subsidiaries and 130 foreign agencies worldwide. The company develops, produces, and distributes numerous products for endoscopy and extracorporeal shock wave treatment in human medicine. Integrated operating room systems round out the product range.
Richard Wolf GmbH
Pforzheimer Straße 32
75438 Knittlingen, Germany
Tel. +49 7043 35-1102