The ransomware plague which has affected so many public and private entities this past years sadly continues, with Glasgow-headquartered engineering specialist The Weir Group disclosing that it has been the target of a “sophisticated attempted ransomware attack” that occurred in the second half of September.
The company reported that its cyber security systems and controls responded quickly to the threat and that it undertook “robust action”.
This action included isolating and shutting down IT systems, including core enterprise resource planning and engineering applications. It said that these applications are now restored on a partial basis, while other applications are being brought back online in a progressive manner in order of business priority.
The attack led to a number of ongoing, but temporary, disruptions including engineering, manufacturing and shipment re-phasing, which has resulted in revenue deferrals and overhead under-recoveries.
Capabilities will be restored in the coming weeks, but the consequences of the operational disruption and associated inefficiencies are expected to continue into the fourth quarter.
Weir reported that a forensic investigation of the incident is continuing and so far, there is no evidence that any personal or other sensitive data has been exfiltrated or encrypted.
“We are continuing to liaise with regulators and relevant intelligence services,” the company said in a statement. “Weir confirms that neither it, nor anyone associated with Weir, have been in contact with the persons responsible for the cyber-attack.”
There has been no negative impact on orders during the third quarter and the group expects to deliver full year order growth in line with expectations.
However, as a result of the re-phasing of shipments caused by the cyber security incident, Weir experienced revenue deferrals of around £50m in September, alongside overhead under-recoveries in manufacturing and engineering.
While the bulk of the missed September revenue is expected to be shipped in the fourth quarter, “it is likely that the temporary disruption to our end-to-end value chain will cause some slippage of revenues” into 2022, together with some overhead under-recovery.
In order to reflect the incident, Weir is updating full year guidance.
The full year operating profit impact of fourth quarter revenue slippage is expected to be between £10m and £20m, while the impact of overhead under-recoveries is expected to be between £10m and £15m.
The majority of the impact is expected to be in the minerals division due to its engineering and supply chain complexity. The direct costs of the cyber incident are expected to be up to £5m.
As a result, the group now anticipates its full year profit before tax will be in the range of £230m to £245m.