Cyber Incident Victim: CPH Group

Date: Jan 2022

Location: Switzerland

Summary

A cyber attack targeting the organization's IT systems was detected by monitoring systems at its Perlen site, prompting an immediate controlled shutdown of all global IT infrastructure in accordance with contingency plans. Production was halted as a precaution in the Paper and Packaging divisions at the Perlen and Müllheim facilities, while Chemistry Division operations continued unaffected. External cybersecurity specialists were engaged to analyze systems and facilitate restoration efforts, with preliminary assessments indicating backup systems remained uncompromised by the incident. Security protocols were activated as planned to protect infrastructure integrity during the response.

Description

On the night of January 7, 2022, monitoring systems at the Perlen site of CPH Group detected an external cyber attack targeting the company’s IT infrastructure. In immediate response, the organization executed its contingency plan by initiating a controlled shutdown of all IT systems across its global operations. This decisive action aimed to isolate and contain the threat, with internal security protocols activated swiftly and according to established procedures. The incident disrupted normal business operations group-wide, though the extent of unauthorized access or data compromise remained unconfirmed in initial reports. CPH Group engaged external cybersecurity specialists to conduct forensic examinations of affected systems, prioritizing efforts to secure the environment and prepare for restoration.

The attack precipitated operational halts in CPH Group’s Paper and Packaging divisions at the Perlen and Müllheim facilities as a precautionary measure, reflecting the dependence of physical production on IT systems. In contrast, the Chemistry Division maintained operational continuity despite the IT shutdown, indicating varying levels of system criticality across business units. CPH Group confirmed its external backup systems remained unaffected by the attack, providing a foundation for recovery efforts. No details regarding attack vectors, perpetrator identity, or data exfiltration were disclosed. The company focused on system diagnostics and restoration timelines without specifying expected downtime durations or financial impact assessments. Response activities centered on infrastructure hardening and validation prior to reactivating services, with no reported customer or supply chain disruptions beyond internal production pauses.
