Webinar recording: Full ability to act despite cyberattack - How HYMER's purchasing department remains operational with Tacto

‍

‍

Cyber attacks are no longer a rarity and are increasingly hitting medium-sized companies with full force. The consequences are often serious: IT failures, data loss and production downtime can cause massive financial damage within a matter of hours.

HYMER Leichtmetallbau, a leading manufacturer in the field of access and vehicle technology, experienced this in 2024 when a cyber attack paralyzed the entire IT system. However, the purchasing department remained operational with the cloud-based SRM software from Tacto.

‍

In the webinar, Alexander Frei (Head of Purchasing at HYMER) and Robin Krebs (Cyber Security Expert at Zscaler) explained how the attack took place, why cloud technology significantly improves the resilience of purchasing and how companies can prepare for such crises.

‍

‍

Insight from Zscaler: Why companies are targeted by cyber attacks

‍

The threat of cyber attacks has increased dramatically in recent years. Reports of hacked companies, stolen data or paralyzed IT systems can be found in the news almost daily. While cybercrime was once often seen as an isolated risk for banks or large technology companies, companies of all sizes and from all sectors are now affected.

‍

There are many reasons for this: digitalization is advancing rapidly, IT systems are becoming increasingly complex and dependence on digital processes is growing. At the same time, cyber criminals are developing ever more sophisticated methods of attack - often with the help of automated tools, artificial intelligence and targeted social engineering.

‍

"Cyberattacks are not a question of if, but when. If you don't have a well thought-out emergency strategy, you risk serious business disruption." - Robin Krebs, cyber security expert at Zscaler

‍

According to Zscaler, there are certain attack methods that occur again and again and hit companies hard:

‍

1. phishing attacks: Fake emails or websites pretend to be from legitimate senders and trick employees into revealing passwords or confidential information. A single click is often enough to give attackers access to the entire company network.
‍‍

2. zero-day vulnerabilities: Cyber criminals exploit security vulnerabilities before official updates or patches are released. This is particularly dangerous for companies that do not regularly update their IT systems.‍
‍

3. ransomware attacks: Data is encrypted and only released against payment of a ransom. These attacks can paralyze entire companies - and even after payment, there is no guarantee that all data will be restored.
‍

4. insider threats: Not all cyberattacks come from outside. Malicious or negligent employees can manipulate or pass on data in a targeted manner or open up access for attackers.
‍

5. AI-supported social engineering: Attackers are increasingly relying on artificial intelligence (AI) to create deceptively genuine deepfake calls or personalized scam emails that are almost indistinguishable from real messages.
‍

6. insecure connections to third-party providers: Companies are often connected to other IT systems via supplier interfaces and external service providers. Inadequately secured access points are a popular gateway for attackers.

‍

‍

Financial consequences: Why cyberattacks can be so expensive

‍

The financial consequences of a cyberattack go far beyond the actual ransom. According to Zscaler, the average cost of a cyberattack is up to USD 5 million. In addition to direct costs for IT recovery and ransom payments, there are also indirect losses due to production downtime, reputational damage and legal penalties.

‍

Direct costs

‍

• IT forensics and system recovery
• Investments in new security infrastructure
• Payment of ransom demands

‍

Production downtime & operational restrictions

‍

• Machine downtime and supply chain delays
• Loss of sales due to unfulfilled orders
• Restrictions on communication

‍

Regulatory penalties & compliance violations

‍

• GDPR penalties for data protection violations
• Contractual penalties due to non-compliance with delivery obligations
• Legal disputes with affected business partners

‍

Loss of reputation & damage to trust

‍

• Loss of customer trust, especially in the event of data breaches
• Image damage that has a long-term negative impact on business
• Difficulties in attracting new partners or investors

‍

Cyber attacks are therefore not just a technical problem, but an economic risk that can cause massive damage to companies.

‍

‍

Cyber attack on HYMER: Sudden system failure and IT emergency management

‍

In April 2024, HYMER was the target of a cyberattack in which all IT systems were encrypted by ransomware. The entire company was affected within a few hours:

‍

• No access to ERP, e-mails or order data

‍

• Production processes interrupted

‍

• Ransom demand by the attackers with a 48-hour deadline

‍

IT emergency management was activated immediately. While IT specialists and forensic experts worked on restoring the systems, the purchasing department found a solution to continue placing orders and keep supply chains running.

‍

‍

Cloud-based purchasing processes ensure business continuity

‍

During this critical phase, Tacto's cloud-based SRM software proved to be a decisive factor in the purchasing department's ability to act. While all internal IT systems were down, Tacto remained fully functional.

‍

"Without cloud-based access to our purchasing data, we would have been unable to act. Tacto enabled us to continue working despite the attack." - Alexander Frei, Purchasing Manager at HYMER

‍

This enabled the purchasing team:

‍

• Continuous access to supplier contacts
  While customer contacts were not accessible in ERP and Outlook, supplier data was still available via Tacto.

‍

• Access to historical order data
  ‍Previousorders and price histories could be retrieved to estimate requirements.

‍

• Creation of demand forecasts
  ‍Onthe basis of existing data, it was possible to determine order quantities and prevent bottlenecks.

‍

• Direct communication with suppliers
  Direct coordination with suppliers was still possible via the Tacto platform.

‍

• Stabilization of supply chains
  Despite the attack, HYMER was able to achieve 85% of the planned monthly turnover. In the caravan sector, delivery reliability was even maintained at 100%.

‍

‍

‍Lessonslearned from the cyber attack: How HYMER is preparing for the future

‍

After successfully overcoming the crisis, HYMER has implemented several IT security measures to minimize future cyber risks:

‍

• Introduction of two-factor authentication (2FA) for all users

‍

• Combined data backup with offline backups and cloud backup

‍

• Development of an emergency management concept with analog contact lists

‍

• Stricter rules on data storage and new data protection guidelines

‍

• Regular IT security training for all employees

‍

In addition to these measures, Zscaler also recommends network segmentation to separate sensitive areas of the IT infrastructure, as well as carrying out regular security audits and emergency tests, because an IT security concept is only as good as its implementation.

‍

‍

Conclusion: Why cloud technology is crucial for resilient procurement processes

‍

The cyberattack on HYMER shows that traditional on-premise systems alone are not enough to maintain business processes in an emergency. Cloud-based solutions such as Tacto offer companies an independent infrastructure that also works in the event of IT failures or cyberattacks.

‍

With access to purchasing data, supplier contacts and order histories, HYMER was able to react quickly and avoid bottlenecks. This case underlines why a robust, digital purchasing strategy is not only essential for efficiency, but also for crisis resilience.

‍

‍

Outlook

‍

The threat of cybercrime will continue to increase in the coming years. Companies should invest in security measures at an early stage and digitally secure their purchasing processes. Cloud-based systems such as Tacto offer a resilient alternative to traditional IT infrastructures and help companies remain capable of acting even in times of crisis.