Cyber Incident Victim: Hawa Sliding Solutions AG

On the last weekend of April 2023, the IT department at Hawa Sliding Solutions AG detected that it had fallen victim to a cyberattack. The attack was specifically aimed at the company’s internal systems, which were critical for its core operational functions including order processing, production, and distribution. This incident was recognized as being part of a broader series of criminal operations that had been targeting small and medium-sized businesses and industrial companies in the preceding weeks and months, indicating a possible pattern of attacks against similar entities.

As soon as the attack became known, the company initiated an extensive package of measures. The immediate response involved shutting down all internal systems and disconnecting them from the network to prevent the attack from spreading further and to isolate the compromised infrastructure. This action was taken with the involvement of external cybersecurity specialists and an internal crisis management team that was mobilized to handle the situation. The primary stated goal of these initial containment steps was to ensure the safety of employees, as well as all customers and external partners who might be affected by the disruption or potential data exposure.

An emergency program was activated to comprehensively and continuously analyze, evaluate, and resolve the situation. The company’s management acknowledged the significant challenge posed by the incident and commended the response of its employees. The CEO, Ezequiel Di Claudio, stated that employees responded outstandingly to the challenge and that everyone made a contribution to help overcome the situation. With core systems offline and inaccessible, the company adapted its operations to maintain some level of functionality. As far as it was possible, employees were asked to carry out their tasks from their home offices, suggesting a shift to remote work to circumvent the incapacitated on-site IT infrastructure.

The incident directly impacted the company's ability to process orders and manage production and distribution workflows. Recognizing the potential for delays and disruptions, Hawa Sliding Solutions AG proactively communicated with its customers and suppliers. The company informed these external parties if their specific orders were directly affected by the systems outage. This outreach was part of an effort to manage the operational consequences and maintain transparency with business partners during the recovery process.

The leadership at Hawa Sliding Solutions AG framed the attack as a demonstration of significant criminal energy and creativity on the part of the hackers. Robert Berlinger, the Member of the Management Board responsible for Corporate Services, explained that despite the security systems in place, absolute protection against such attacks is not possible. He emphasized that the company's focus was on acting professionally and confidently in response to the incident. The company committed to working relentlessly to restore its systems and stated its intention to do everything possible to ensure they could be used safely and reliably in the future. A firm date for the full restoration of smooth and secure operations was not immediately available at the time of the initial communication, with the company promising to provide further information and regular updates on the progress of the recovery work as it developed.