International technological equipment supplier and IIoT solutions provider Lacroix Group had its electronic system production sites in Germany, France, and Tunisia shut down following a ransomware attack on May 12, SecurityWeek reports.
Despite immediate action to contain the attack, Lacroix Group discovered that attackers were able to distribute file-encrypting ransomware that was able to compromise some of the company's local infrastructures. Investigation into the attack's extent is underway.
"The time needed to carry out these actions and to use the backups to restart should take a few days, which is why the three sites are closed for the week," said Lacroix, which noted that partial activity measures have already been set as it plans to continue production at the impacted sites by May 22.
Moreover, Lacroix noted that the closure of the three sites, which are responsible for 19% of its 2022 sales, will not significantly affect its performance this year.
BleepingComputer reports that Knight ransomware was observed by KELA threat analysts to have the third iteration of its source code posted for sale by the operation's representative, Cyclops, on RAMP forums.