After the lack of chips, the auto industry is now also worried about the cyberattack on the supplier Eberspächer. Production of individual car models threatens to stall. For buyers, this means longer delivery times.
The severe hacking attack, which has paralyzed large parts of production and administration at the automotive supplier Eberspächer since October 25, is likely to endanger the supply of German car manufacturers with components for exhaust, heating, and air conditioning technology.
With such a serious attack, companies threaten weeks of production disruptions, even under the best of circumstances," says Stefan Bratzel, director of the Center of Automotive Management in Bergisch Gladbach.
There indeed is a rumor from the environment of the Esslingen-based medium-sized company that individual plants have at least started emergency operations in the meantime. IT security experts, however, warn of long-term delivery delays due to the attack.
It will probably take months before Eberspächer can supply its customers normally again, predicts industry expert Bratzel: "The cyberattack on Eberspächer means the next low blow for an industry that is already groaning. From a lack of chips and raw materials for important components."
At the moment, the supply of the components is still secured. Manufacturers such as Audi, BMW, Mercedes-Benz, and VW inform WirtschaftsWoche upon request. However, one continues to monitor the situation very closely for a good reason.
After all, according to the industry, many of the components produced by Eberspaecher are so large that no manufacturer keeps stocks of them for a long time. The stocks usually lasted little more than a week or two.
Buyers will have to wait even longer.
The car manufacturers have concluded contracts with at least two suppliers for many vehicle components to ensure production capability. But even that does not protect against bottlenecks because a second supplier cannot immediately compensate for failures and deliver twice the number of components from the start.
"This means that due to the lack of parts, there is a risk of production standstill in individual series, and car buyers will have to be prepared for additional waiting times," warns expert Bratzel. Due to the lack of chips, the delivery times for many vehicle types had increased significantly, in some cases. Depending on the model, these are now three months to a year.
Offer of help by the BSI rejected
The industry is astonished that Eberspächer is said to have turned down the offer of support from the Federal Office for Information Security (BSI) to cope with the attack. WirtschaftsWoche learned this from IT security circles. The BSI confirms an offer of help on request but does not comment on any details. Eberspächer also does not comment on ongoing investigations.
Eberspächer would not have incurred any costs for support from the BSI. The BSI "has a great interest in increasing cybersecurity in the economy as well," a spokesman for the authority said in principle.
The exchange with companies affected by IT security incidents "also provides a comprehensive picture of the situation's special meaning." Based on this, "new or modified attack methods can be identified and analyzed, and suitable IT security measures can subsequently be derived."
"Information security is an ongoing task."
A large number of ransomware incidents with severe consequences "clearly shows that information security should be a priority for every company," said BSI President Arne Schönbohm of Wirtschaftswoche. The severe effects of successful cyber attacks, especially in the case of ransomware incidents, could be significantly reduced in this way. "
Therefore, information security must be understood as a permanent task and implemented in a structured manner in the company, "emphasized Schönbohm. Consistent network segmentation, the provision of functioning backups, well-thought-out patch management, and practiced emergency processes are the most critical protective measures.
Employment agency checks short-time work.
Meanwhile, the paralyzed factories after the cyberattack caused the medium-sized company a daily turnover loss of up to 13.5 million euros. The employees are on short-time work. After the corona short-time work, they now have to accept the loss of income due to short-time cyber work again.
The company had already negotiated a corresponding agreement with IG Metall on October 26, immediately after the attack. The wage is increased to 86.5 percent. Usually, a company has to announce plans for short-time work three weeks in advance, says Jürgen Groß from IG Metall in Esslingen. This time limit has been removed when they wanted to help "quickly and unbureaucratically," said the trade unionist.
Cyberattack as an "inevitable event"?
The responsible employment agency in Baden-Württemberg is currently investigating whether short-time work is even legal. It is questionable whether the attack was a so-called "inevitable event" such as a storm - or whether the company did not protect itself adequately.
Short-time work is an insurance benefit that is borne by the community of solidarity. This is one of the reasons why the company would now have to do everything it could to deal with the attack quickly - it is all the more remarkable that the company has refused the support of the BSI.
Cyber short-time work is a novelty.
According to IG Metall, short-time cyber work is a novelty at Eberspächer. "As far as we can see, it has never existed in this form before," said a spokesman for the union. IG Metall expects, however, "that the company will do everything it can to resolve the problem as quickly as possible."