Only a few days ago we told you about the Luxottica case and the hacker attack that involved the entire company and production chain. It is yesterday’s news that the Carraro Group, an international leader in the agricultural machinery sector with over three thousand employees worldwide and a turnover of almost 550 million, suffered a serious computer attack on Tuesday.
It seems that since last Tuesday, the company’s computers have started to show repeated anomalies. After an investigation by specialist technicians, the response was unequivocal: it was a cyber attack.
The company was thus forced to invite hundreds of employees to work remotely, at the same time triggering a precautionary lay-off for employees.


Another ransomware attack

As in the case of Luxottica, it appears to be ransomwarethat has paralyzed the computer systems that control the group’s entire business, from administration to production, which for the Carraro Group is highly automated by robots.

Seven hundred employees have been at home for two days (and it is not yet known for how long) between the Campodarsego plants (500) and those of the Agritalia division in Rovigo (about 200).
The workers were placed in the payroll subsidies pending the restoration of the computer systems that control practically all the group’s activities, from administration to highly automated production.
For those Italian employees who are unable to guarantee their work during these hours, the company has taken precautionary steps to activate the payroll subsidies,” reads the note issued by the Group yesterday.. “In addition, insurance cover dedicated to this type of event has been activated”.

The good news is that the timely activation of IT defence systems enabled the hackers’ attack to be repelled and prevented access and the subsequent theft of confidential data and information.
The Carraro IT Department promptly took action, also with the collaboration of experts in the field and the police, in order to verify possible damage to the infrastructure as well as to assess possible remediation actions on the network of servers affected by the attack.
It is expected that from tomorrow and in the coming days activities will gradually return to normal.

It is therefore important to emphasise, once again, the importance of preventing this type of problem and equipping oneself with tools to prevent such attacks from occurring, thus protecting the integrity and confidentiality of company data and any internal organisation.