By Eric Auchard and Tom Käckenhoff
FRANKFURT (Reuters) - Technical trade secrets were stolen from the steel production and manufacturing plant design divisions of ThyssenKrupp AG (DE:TKAG) in cyber attacks earlier this year, the German company said on Thursday.
ThyssenKrupp, one of the world's largest steel makers, said it had been targeted by attackers located in southeast Asia engaged in what it said were "organized, highly professional hacker activities".
In breaches discovered by the company's internal security team in April and traced back to February, hackers stole project data from ThyssenKrupp's plant engineering division and from other areas yet to be determined.
"ThyssenKrupp has become the target of a massive cyber attack," the industrial conglomerate said in a statement.
Globally, cyber attacks on banks, retailers and other businesses have led to widespread consumer and financial data losses in recent years. ThyssenKrupp's disclosure followed last week's attack on Deutsche Telekom (DE:DTEGn) routers that caused outage for nearly 1 million customers.
While revelations of industrial espionage are far rarer, estimates put the costs to businesses in the billions of dollars. China was frequently blamed for such commercial hacking attacks until the United States and China agreed not to hack each other's businesses (http://reut.rs/2gewbrH).
German business magazine Wirtschafts Woche reported the attacks hit sites in Europe, India, Argentina and the United States run by the Industrial Solutions division, which builds large production plants. The Hagen Hohenlimburg specialty steel mill in western Germany was also targeted, the report added.
The company declined to identify specific locations which were infected or speculate on likely suspects. It said it could not estimate the scale of the intellectual property losses.
BIG BANG COUNTER-ATTACK
ThyssenKrupp said it waited to publicize the attack while it identified, then cleansed infected systems in one concerted, global action before implementing new safeguards to monitor its computer systems. "It is important not to let the intruder know that he has been discovered," a spokesman said.
A criminal complaint was filed with police in the state of North Rhine-Westphalia and an investigation is ongoing, it said. State and federal cyber security and data protection authorities were kept informed at each stage, as well as Thyssen's board.
Secured systems operating steel blast furnaces and power plants in Duisburg, in Germany's industrial heartland in the Ruhr Valley, were unaffected, the company said.
No breaches were found at its marine systems unit, which produces military submarines and warships.
A previous cyber attack caused physical damage to an unidentified German steel plant and prevented the mill's blast furnace from shutting down properly.
The country's Federal Office for Information Security (BSI) revealed two years ago that the attack caused "massive damage", but gave no further technical details and the location of the plant has remained shrouded in mystery.
Subsequent media reports identified the target as a ThyssenKrupp facility, but the company has denied it was hit.
The industrial conglomerate, along with Airbus parent EADS, were the targets of major attacks by Chinese hackers in 2012, according to a Der Spiegel report (http://reut.rs/2hamDzY).
The company, a big supplier of steel to Germany's automotive sector and other manufacturers, is looking to form a joint venture of its European steel operations with India's Tata Steel (NS:TISC) to combat over-capacity in the sector.