Weir hit by ‘sophisticated’ ransomware attack

Glasgow-based global engineering and mining giant Weir Group — one of Scotland’s biggest listed companies —  said on Thursday it was subjected to an attempted ransomware attack towards the end of the third quarter ended September 30.

As a result, Weir experienced revenue deferrals of £50 million in September, and said the full year operating profit impact of Q4 revenue slippage “is expected to be between £10m and £20m, while the impact of overhead under-recoveries is expected to be between £10m and £15m.”

Weir Group CEO Jon Stanton said the Glasgow firm responded quickly and comprehensively to what was a “sophisticated external attack” on the company.

Stanton said  Weir’s “robust action” to protect its infrastructure and data led to “significant temporary disruption” but Weir teams managed to minimise the impact on customers. 

Weir employs more than 11,000 people around the world.

Weir reported its Q3 continuing operations orders were up 31% — but said the direct costs of the cyber incident mean that that its full year profit before taxation and amortisation is now expected to be in the range of £230 million to £245 million.

On the cybersecurity attack, Weir said: “Weir’s cybersecurity systems and controls responded quickly to the threat and took robust action. 

“This included isolating and shutting down IT systems including core Enterprise Resource Planning (ERP) and engineering applications. 

“These applications are now restored on a partial basis, and other applications are being brought back online in a progressive manner in order of business priority. 

“The above actions have led to a number of ongoing but temporary disruptions including engineering, manufacturing and shipment rephasing, which has resulted in revenue deferrals and overhead under-recoveries.

“Effective capabilities are being progressively restored in the coming weeks but the consequences of the operational disruption and associated inefficiencies are expected to continue into the fourth quarter.

“Our forensic investigation of the incident is continuing and so far, there is no evidence that any personal or other sensitive data has been exfiltrated or encrypted.

“We are continuing to liaise with regulators and relevant intelligence services. 

“Weir confirms that neither it, nor anyone associated with Weir, have been in contact with the persons responsible for the cyber-attack. “

On the impact of the attack on 2021 full year guidance, Weir said: “There has been no negative impact on orders in Q3 and we continue to expect to deliver full year order growth in line with our expectations, resulting in a strong order book as we head into 2022. 

“As a result of the rephasing of shipments caused by the cybersecurity incident, the group experienced revenue deferrals of c.£50m in September alongside overhead under-recoveries in manufacturing and engineering. 

“While the bulk of the missed September revenue is expected to be shipped in Q4 it is likely that the temporary disruption to our end-to-end value chain will cause some slippage of Q4 revenues into 2022 together with some overhead under-recovery.

In order to reflect this incident, Weir is updating full year guidance. 

“The full year operating profit impact of Q4 revenue slippage is expected to be between £10m and £20m, while the impact of overhead under-recoveries is expected to be between £10m and £15m. 

“The majority of the impact is expected to be in the Minerals division due to its engineering and supply chain complexity relative to ESCO.

“The direct costs of the cyber incident are expected to be up to £5m. 

“As a result, the group now anticipates its full year PBTA will be in the range of £230m to £245m.”

Weir Group CEO Jon Stanton said :“We responded quickly and comprehensively to what was a sophisticated external attack on our business. 

“The robust action to protect our infrastructure and data has led to significant temporary disruption but our teams have responded magnificently to this challenge and have managed to minimise the impact on our customers. 

“We will continue to focus on the safe restoration of all our systems whilst strengthening our future resilience even further.

More broadly, the continued strong demand across our markets in Q3, particularly for our more sustainable solutions, reinforces our view that Weir is ideally placed to benefit from a multi-decade growth opportunity, as the mining industry invests in expanding capacity while reducing its environmental impact.

We remain on track to deliver our recently announced three-year performance goals that will see us increase revenues, expand margins and significantly reduce our environmental footprint.”

About the Author

Mark McSherry
Dalriada Media LLC sites are edited by veteran news journalist Mark McSherry, a former staff editor and reporter with Reuters, Bloomberg and major newspapers including the South China Morning Post, London's Sunday Times and The Scotsman. McSherry's journalism has also appeared in The Washington Post, The Guardian, The Independent, The New York Times, London's Evening Standard and Forbes. McSherry is also a professor of journalism and communication arts in universities and colleges in New York City. Scottish-born McSherry has an MBA from the University of Edinburgh and a Certificate in Global Affairs from New York University.