Weir Group hit by cybersecurity incident

Crushing, screening and washing equipment provider Weir Group has revealed details of a cyberattack against the company.
Crushing Static & Mobile / October 12, 2021
By Liam McLoughlin
Weir chief executive Jon Stanton said the company was the subject of a sophisticated external attack
Weir chief executive Jon Stanton said the company was the subject of a sophisticated external attack

The UK-based group says it is currently managing the consequences of "a sophisticated attempted ransomware attack" that occurred in the second half of September.

Weir adds that its cybersecurity systems and controls responded quickly to the threat and took robust action. This included isolating and shutting down IT systems including core Enterprise Resource Planning (ERP) and engineering applications.

It says that these applications are now restored on a partial basis, and other applications are being brought back online in a progressive manner in order of business priority. The above actions have led to a number of ongoing but temporary disruptions including engineering, manufacturing and shipment rephasing, which has resulted in revenue deferrals and overhead under-recoveries. Effective capabilities are being progressively restored in the coming weeks but the consequences of the operational disruption and associated inefficiencies are expected to continue into the fourth quarter.  

Weir says that its forensic investigation of the incident is continuing and so far, there is no evidence that any personal or other sensitive data has been exfiltrated or encrypted. It adds that it is continuing to liaise with regulators and relevant intelligence services.

The manufacturer says that neither it, nor anyone associated with Weir, have been in contact with the persons responsible for the cyberattack.

Weir chief executive Jon Stanton said: “We responded quickly and comprehensively to what was a sophisticated external attack on our business. The robust action to protect our infrastructure and data has led to significant temporary disruption but our teams have responded magnificently to this challenge and have managed to minimise the impact on our customers. We will continue to focus on the safe restoration of all our systems whilst strengthening our future resilience even further."

Weir also issued a performance update for the third quarter, shwing that the minerals division delivered order growth of 30% with original equipment up 71%.

OE growth was supported by a very active market for small brownfield and integrated solutions rather than any specific large projects. The minerals division also continued to make market share gains with its energy and water saving High Pressure Grinding Rolls (HPGR) technology reflecting increased demand for more sustainable mining solutions. Demand for its mill circuit product range was also strong as customers increased maintenance and replacement activity.  Aftermarket demand was also strong, with orders up 16% despite ongoing restrictions on site access, travel and customers’ logistics as miners continued to focus on maximising ore production. Divisional revenues were impacted by the cybersecurity incident towards the end of September.

Weir says that there has been no negative impact on orders from the cybersecurity incident in Q3 and that it continues to expect to deliver full year order growth in line with its expectations, resulting in a strong order book heading into 2022. As a result of the rephasing of shipments caused by the cybersecurity incident, the group experienced revenue deferrals of c.£50m in September alongside overhead under-recoveries in manufacturing and engineering. While the bulk of the missed September revenue is expected to be shipped in Q4 Weir says it is likely that the temporary disruption to our end-to-end value chain will cause some slippage of Q4 revenues into 2022 together with some overhead under-recovery. 

For more information on companies in this article