Dresdner Kühlanlagenbau GmbH

Dresdner Kühlanlagenbau GmbH (DKA) is a German engineering company specializing in the construction of industrial refrigeration systems. Its name and the nature of documents mentioned in a known security incident, such as AutoCAD drawings, indicate a core business in designing and building complex cooling plants and related infrastructure for industrial clients. The company operates as a subsidiary within the larger Dussmann Group, a significant international business services conglomerate based in Germany. This structural relationship places DKA within a broader corporate framework, though its specific market reach and client portfolio are not detailed in the available information. Its activities position it within the specialized engineering and construction sector, focusing on technical installations that require specific expertise in thermal systems and industrial plant design.

The company's operational history includes a significant cybersecurity incident in July 2020. DKA was targeted by the Nefilim ransomware operation, which resulted in the encryption of company data and the exfiltration of approximately 200 gigabytes of archived files. The attackers subsequently leaked 14 gigabytes of this stolen data, which contained sensitive materials including accounting records, corporate communications, and proprietary engineering drawings. In response to the attack, DKA proactively shut down affected servers as a containment measure. The organization also fulfilled its regulatory obligations by notifying data protection authorities and law enforcement agencies about the breach. While the precise initial attack vector was never conclusively identified, investigations ruled out compromised VPN gateways and considered alternative entry points such as exposed remote desktop services or a phishing campaign. The incident impacted four distinct domains within the subsidiary's IT infrastructure, underscoring the breadth of the security event. This breach represents a documented case of a ransomware attack with data theft against an industrial engineering firm, highlighting the sector's vulnerability to such threats.