Malware infection disrupts production at defence contractor plants in three countries

Rheinmetall plants in Brazil, Mexico, and the US disrupted by malware infection.

tank weapons

One of the biggest defence contractors in the world is having a very bad week after malware infected the company's network and caused "significant disruption" at plants in three countries, the company said on Thursday.

The infection took root on Tuesday, September 24, and affected Rheinmetall AG, a German corporation based in Düsseldorf, and one of the biggest manufacturer of armored fighting vehicles, tanks, ammunition, and various electronic systems.

Plants in Brazil, Mexico, and the US have been impacted, Rheinmetall said in a press release.

The company did not reveal any details about the incidents, or what type of malware was involved.

Rheinmetall expects losses in the tens of millios of euros

Rheinmetall said it expects to malware incident to have an impact on its bottom line in the long run, with losses in the tens of millions of euros.

"While deliverability is assured in the short term, the length of the disruption cannot be predicted at this time. The most likely scenarios suggest a period lasting between two and four weeks," it said.

"As things stand, the Group expects the malware event to have an adverse impact on operating results of between €3 million and €4 million per week starting with week two."

A spokesperson was not available for comment and additional details.

Rheinmetall is not the only major company to suffer a major malware infection in the past year. Past incidents mostly include ransomware incidents, such as those at airplane parts manufacturer Asco, aluminum provider Norsk Hydro, cyber-security firm Verint, the UK Police Federation, utility vehicles manufacturer Aebi Schmidt, Arizona Beverages, engineering firm Altran, the Cleveland international airport, and chemicals producers Hexion and Momentive.

Earlier this week, French TV station France24 revealed that Chinese state-sponsored hackers breached multiple Airbus suppliers by using unpatched VPN systems to enter their internal networks. The same hackers are said to have also targeted British engine-maker Rolls-Royce and the French technology consultancy and supplier Expleo.