Shares in Rheinmetall drop after company discloses malware attack

BERLIN (Reuters) - German arms and car parts maker Rheinmetall said it had been hit by a malware attack affecting production at some sites in the United States, Mexico and Brazil, sending shares down in early trade on Friday.

"Normal production processes at these locations are currently experiencing significant disruption," Rheinmetall said in a statement late on Thursday.

Rheinmetall shares, which have risen around 50% since the start of this year, were indicated to open 2.9% lower in early Frankfurt trade on Friday.

"The IT infrastructure in the region has been shut down and is currently being rebuilt", Rheinmetall spokesman Peter Ruecker said, adding the company could not say who might have been behind it.

Cyber attacks, especially those which affect producers engaged in critical infrastructure, machinery and armament, are becoming a big headache for European blue chip companies.

On Thursday, France's AFP news agency reported that a series of cyber attacks on Airbus <AIR.PA> in the past few months was conducted via the computer systems of its suppliers and security sources suspect a link to China.

In July, German blue-chip companies BASF <BASFn.DE>, Siemens <SIEGn.DE> and Henkel <HNKG_p.DE> revealed they had been victims of cyber attacks, confirming a German media report which said the likely culprit was a state-backed Chinese group.

Rheinmetall said the IT shutdown is expected to last two to four weeks, with a financial impact of 3 to 4 million euros ($3.27 to $4.36 million) per week.

"We are still able to deliver according to schedule," Ruecker said.

He said that the domain affected by the malware had been cut off from Rheinmetall's corporate network and that only the Automotive branch -- and thus none of Rheinmetall's armament operations -- were affected by the attack.

(Reporting by Tassilo Hummel; Editing by Michelle Martin)