Sales appear to have been grounded at one of the world’s largest forklift parts vendors, TVH, as a result of a cybersecurity attack.
Since last week, the TVH website, its primary sales platform, has been out of action, initially telling visitors it was “experiencing problems accepting, processing and sending orders via its web platform”.
The Belgian company has since confirmed that the cyber attack was more severe than initially reported, with the hackers accessing the company’s data.
The latest update indicates that TVH teams are still investigating the cyber attack, “but so far, we have not found any indication that data is public”.
“We are informing relevant authorities of this attack.
“We are very serious about the confidentiality of our employees’ and our business partners’ data, and we understand that this might be of concern to you,” the company explains on LinkedIn.
“The third-party cyber forensic experts continue to thoroughly investigate this attack and we will update you when we have further insight.”
TVH is reassuring customers that it does not appear as if “other connected networks were affected by this attack”.
“We continue to work hard on the recovery of our systems to be operational as soon as possible. We're also taking, in the meantime, many preventive measures to reinforce our IT environment to the maximum,” the statement adds.
TVH, normally very responsive to media enquiries, has declined to answer questions from Forkliftaction News.
Contributors to the Forkliftaction Discussion Forums have noted that they are unable to place orders and that expected deliveries have not materialised.
Some have also noted that emails to their regular contacts at the company generate automatic out-of-office responses, indicating that TVH’s mailservers may also have been affected in the attack.
This is the latest in a growing wave of cyber attacks, with the European Union Agency for Cybersecurity, ENISA, noting increasing numbers and types of attacks.
The attack also comes in the wake of a warning earlier this month from the European Central Bank that cyber threats are becoming increasingly complex.
“Recent attacks call for constant vigilance at an operational level, and the continuous reassessment of regulatory and oversight frameworks to see whether they need to be updated. Significant but unpredictable shifts can occur at any time,” says Fabio Panetta, a member of the ECB's executive board.
“The ECB has identified supply chain attacks and ransomware as key threats in the current environment, and artificial intelligence (AI) as an emerging threat.
“The proliferation of cyber threat actors combined with an increase in remote working and greater digital interconnectedness is raising the risk, frequency and severity of cyberattacks. Increasingly, cyber criminals are launching ransomware attacks and demanding payment in crypto. Cyberattacks related to geopolitical developments – Russia’s aggression against Ukraine, in particular – have also become a more common feature of the cyber threat landscape.
Oliver Pinson-Roxburgh, CEO and co-founder of cyber security adviser Defense.com, warns
that businesses “need to be continuously monitoring for cyber attacks, no matter the size of the organisation. There are threat actors constantly targeting internet-facing systems because they are easy targets.”
ENISA has been issuing a number of recommendations to businesses in general to improve their cybersecurity posture.
A spokesperson tells Forkliftaction News that every business should be developing a good cybersecurity culture. “This is most likely to be true if management takes responsibility and engages effective communications actions which will ensure employee buy-in. Appropriate cybersecurity training should systematically be part of the training plan of employees.”
The agency warns that implementing cybersecurity measures cannot be done randomly. “Each organisation operates under different circumstances, and it is therefore essential to first make an assessment of the possible risks and devise a dedicated action plan,” the spokesperson says.