Weir reveals ‘operational disruption’ from cyber attack

Weir Group has revealed that it was hit by a “sophisticated attempted ransomware attack” in the second half of September.

As part of its Q3 update, the supplier to the mining, construction and oil and gas industries said there had been no negative impact on orders in the period as a result of the attack. It said it expected to deliver full year order growth in line with expectations and had a strong order book heading into 2022.

The attack has caused the rescheduling of some shipments, and the group experienced revenue deferrals of around £50 million in September, alongside under-recovery of overheads in manufacturing and engineering.

UK-based Weir said its cybersecurity systems and controls responded quickly to the threat. This included isolating and shutting down IT systems, including core Enterprise Resource Planning (ERP) and engineering applications.

These applications have now been restored on a partial basis, said Weir, and other applications are being brought back online progressively in order of priority.

“We responded quickly and comprehensively to what was a sophisticated external attack on our business”, said chief executive John Stanton.

“The robust action to protect our infrastructure and data has led to significant temporary disruption but our teams have responded magnificently to this challenge and have managed to minimise the impact on our customers.

“We will continue to focus on the safe restoration of all our systems whilst strengthening our future resilience even further.”

While the bulk of the missed September revenue is expected to be shipped in Q4 it is likely that the disruption to its operations will cause some slippage of final quarter revenues into 2022, together with some overhead under-recovery.