Kisters AG victim of ransomware attack (Nov. 10/11, 2021)

Sicherheit (Pexels, allgemeine Nutzung)[German]The medium-sized an German based company Kisters AG, which develops software solutions for sustainable resource management and now has numerous branches worldwide, has fallen victim to a ransomware attack. Following the attack on November 10/11, 2021, all systems are now down and the website is not accessible. Here is a brief overview of what is known. Furthermore, the Bucher community vehicle division (Switzerland) are victims of a ransomware attack.


Ransomware attack on Kisters AG

I just came across this new case of a ransomware attack on the medium-sized company Kisters AG through the following tweet.

Kisters AG Ransomware attack

Currently, the company's German website is offline and returns error 403, so I had to pull the following company cyber incident notice from their Engllish site.

In the night from 10 to 11 November 2021, the IT company KISTERS AG (Aachen/Germany) became a victim of a cyber attack. According to current knowledge, the attackers gained access to the computer network of the software provider for sustainable resource management systems via an orchestrated ransomware attack despite a strong security system.

Immediately after discovering the attack, KISTERS called in the criminal investigation department and the German Federal Office for Information Security (BSI) and informed the relevant supervisory authorities. In addition, a team consisting of IT specialists and forensic experts immediately started to analyse how the attackers were able to penetrate the network despite the company's extensive, multi-level and certified security precautions. The investigation is still ongoing.

Currently, the company has no access to its own IT system, as it has been completely shut down to prevent further damage. Accordingly, the company can temporarily neither be reached via e-mail nor via landline telephone, but only via the mobile numbers of colleagues. As far as possible, KISTERS' customers have already been informed personally about the attack and the possible consequences as well as the measures taken or will be informed as soon as access to the systems allows it again.

At the moment, KISTERS AG cannot make any statements about which data is affected by the attack. "Transparency is the most important thing for us in this situation. We will inform our customers clearly and openly when we know what data is affected and when we can return to normal business operations," says Managing Director Klaus Kisters.

Currently, all experts are working in crisis mode. "For the time being, it is important for us to be quickly available again for our customers on all channels. We are working on this at full speed," Klaus Kisters continues. "In the next step, we will do everything we can to be able to work again and to gain knowledge so that we, but also other companies, can protect themselves even better in the future."

Sounds dramatically, but details about the infection vector or affected data are not available.

The Kisters AG

According to its LinkedIn page, KISTERS, a medium-sized company founded in 1963 as an engineering firm, today develops software solutions for sustainable resource management of energy and water, for environmental protection and safety, for 3D viewing, and measuring devices for environmental monitoring. The hardware distribution of KISTERS AG offers large format printers (2D and 3D), scanners and many more. The engineering services division also continues to this day.


The company with more than 600 employees has its headquarters in Aachen. There are also numerous branches in Germany and subsidiaries in Europe, North America, Australia and Asia. According to its own statement, the company is an internationally sought-after solution partner due to its expertise, application and industry experience. KISTERS systems are in use worldwide.

Cookies helps to fund this blog: Cookie settings

This entry was posted in Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *