Webinar recording: Full ability to act despite cyberattack - How HYMER's purchasing department remains operational with Tacto

Published on 26.3.2025

Cyber attacks are a growing threat to companies - including SMEs. But what happens if the entire IT system suddenly fails?

HYMER Leichtmetallbau was the victim of a cyberattack in 2024 that paralyzed internal systems. While ERP and emails were no longer accessible, the purchasing department was able to continue working thanks to Tacto's cloud-based SRM software and thus maintain production.

Cyber attacks are no longer a rarity and are increasingly hitting medium-sized companies with full force. The consequences are often serious: IT failures, data loss and production downtime can cause massive financial damage within a matter of hours.

HYMER Leichtmetallbau, a leading manufacturer in the field of access and vehicle technology, experienced this in 2024 when a cyber attack paralyzed the entire IT system. However, the purchasing department remained operational with the cloud-based SRM software from Tacto.

In the webinar, Alexander Frei (Head of Purchasing at HYMER) and Robin Krebs (Cyber Security Expert at Zscaler) explained how the attack took place, why cloud technology significantly improves the resilience of purchasing and how companies can prepare for such crises.

Insight from Zscaler: Why companies are targeted by cyber attacks

The threat of cyber attacks has increased dramatically in recent years. Reports of hacked companies, stolen data or paralyzed IT systems can be found in the news almost daily. While cybercrime was once often seen as an isolated risk for banks or large technology companies, companies of all sizes and from all sectors are now affected.

There are many reasons for this: digitalization is advancing rapidly, IT systems are becoming increasingly complex and dependence on digital processes is growing. At the same time, cyber criminals are developing ever more sophisticated methods of attack - often with the help of automated tools, artificial intelligence and targeted social engineering.

"Cyberattacks are not a question of if, but when. If you don't have a well thought-out emergency strategy, you risk serious business disruption." - Robin Krebs, cyber security expert at Zscaler

According to Zscaler, there are certain attack methods that occur again and again and hit companies hard:

1. Phishing attacks: Fake emails or websites pretend to be from legitimate senders and trick employees into revealing passwords or confidential information. A single click is often enough to give attackers access to the entire company network.

2. Zero-day vulnerabilities: Cyber criminals exploit security vulnerabilities before official updates or patches are released. This is particularly dangerous for companies that do not regularly update their IT systems.

3. Ransomware attacks: Data is encrypted and only released against payment of a ransom. These attacks can paralyze entire companies - and even after payment, there is no guarantee that all data will be restored.

4. Insider threats: Not all cyberattacks come from outside. Malicious or negligent employees can manipulate or pass on data in a targeted manner or open up access for attackers.

5. AI-supported social engineering: Attackers are increasingly relying on artificial intelligence (AI) to create deceptively genuine deepfake calls or personalized scam emails that are almost indistinguishable from real messages.

6. Insecure connections to third-party providers: Companies are often connected to other IT systems via supplier interfaces and external service providers. Inadequately secured access points are a popular gateway for attackers.

Financial consequences: Why cyberattacks can be so expensive

The financial consequences of a cyberattack go far beyond the actual ransom. According to Zscaler, the average cost of a cyberattack is up to USD 5 million. In addition to direct costs for IT recovery and ransom payments, there are also indirect losses due to production downtime, reputational damage and legal penalties.

Direct costs

  • IT forensics and system recovery
  • Investments in new security infrastructure
  • Payment of ransom demands

Production downtime & operational restrictions

  • Machine downtime and supply chain delays
  • Loss of sales due to unfulfilled orders
  • Restrictions on communication

Regulatory penalties & compliance violations

  • GDPR penalties for data protection violations
  • Contractual penalties due to non-compliance with delivery obligations
  • Legal disputes with affected business partners

Loss of reputation & damage to trust

  • Loss of customer trust, especially in the event of data breaches
  • Image damage that has a long-term negative impact on business
  • Difficulties in attracting new partners or investors

Cyber attacks are therefore not just a technical problem, but an economic risk that can cause massive damage to companies.

Cyber attack on HYMER: Sudden system failure and IT emergency management

In April 2024, HYMER was the target of a cyberattack in which all IT systems were encrypted by ransomware. The entire company was affected within a few hours:

  • No access to ERP, e-mails or order data

  • Production processes interrupted

  • Ransom demand by the attackers with a 48-hour deadline

IT emergency management was activated immediately. While IT specialists and forensic experts worked on restoring the systems, the purchasing department found a solution to continue placing orders and keep supply chains running.

Cloud-based purchasing processes ensure business continuity

During this critical phase, Tacto's cloud-based SRM software proved to be a decisive factor in the purchasing department's ability to act. While all internal IT systems were down, Tacto remained fully functional.

"Without cloud-based access to our purchasing data, we would have been unable to act. Tacto enabled us to continue working despite the attack." - Alexander Frei, Purchasing Manager at HYMER

This gave the purchasing team:

  • Continuous access to supplier contacts
    While customer contacts were not accessible in ERP and Outlook, supplier data was still available via Tacto.

  • Access to historical order data
    Previous orders and price histories could be retrieved to estimate requirements.

  • Creation of demand forecasts
    On the basis of existing data, it was possible to determine order quantities and prevent bottlenecks.

  • Direct communication with suppliers
    Direct coordination with suppliers was still possible via the Tacto platform.

  • Stabilization of supply chains
    Despite the attack, HYMER was able to achieve 85% of the planned monthly turnover. In the caravan sector, delivery reliability was even maintained at 100%.

Lessons learned from the cyber attack: How HYMER is preparing for the future

After successfully overcoming the crisis, HYMER has implemented several IT security measures to minimize future cyber risks:

  • Introduction of two-factor authentication (2FA) for all users

  • Combined data backup with offline backups and cloud backup

  • Development of an emergency management concept with analog contact lists

  • Stricter rules on data storage and new data protection guidelines

  • Regular IT security training for all employees

In addition to these measures, Zscaler also recommends network segmentation to separate sensitive areas of the IT infrastructure, as well as carrying out regular security audits and emergency tests, because an IT security concept is only as good as its implementation.

Conclusion: Why cloud technology is crucial for resilient procurement processes

The cyberattack on HYMER shows that traditional on-premise systems alone are not enough to maintain business processes in an emergency. Cloud-based solutions such as Tacto offer companies an independent infrastructure that also works in the event of IT failures or cyberattacks.

With access to purchasing data, supplier contacts and order histories, HYMER was able to react quickly and avoid bottlenecks. This case underlines why a robust, digital purchasing strategy is not only essential for efficiency, but also for crisis resilience.

Outlook

The threat of cybercrime will continue to increase in the coming years. Companies should invest in security measures at an early stage and digitally secure their purchasing processes. Cloud-based systems such as Tacto offer a resilient alternative to traditional IT infrastructures and help companies remain capable of acting even in times of crisis.
