Early in January, Hyundai Europe had some “IT issues”. But now It turns out the “IT issues” that Hyundai Motor Europe experienced were in fact a cyberattack carried out by the notorious Black Basta ransomware group. Though at the time the company told BleepingComputer they were simply “experiencing IT issues”. But when they were confronted by Bleeping with evidence that data had been stolen, Hyundai confirmed they had suffered a cyberattack.
In the most recent statement to BleepingComputer, the company stated “Hyundai Motor Europe is investigating in a case in which an unauthorized third party has accessed a limited part of the network of Hyundai Motor Europe.”.
Though Hyundai has not offered details on what type of attack they suffered, Bleeping was able to view an image of a list of folders the Black Basta group claims to have stolen from the company. The group claims to have taken 3 TB of data, including legal, sales, human resources, accounting, IT, and management.
Ted Miracco, CEO, Approov Mobile Security had this comment:
“Black Basta is a Ransomware-as-a-Service (RaaS) enterprise that is known for its double extortion attacks. These highly targeted attacks on large corporations involve encrypting victims’ critical data and vital servers and threatening to publish sensitive data, which is apparently happened to Hyundai Motor Europe.
“Automotive companies are frequent targets of ransomware attacks due to the increasing digitization of vehicles and the industry’s interconnectedness. Weak API security has contributed to this vulnerability, despite advanced cybersecurity measures by automotive manufacturers and their supply chain. The best way to minimize damage from these kinds of sophisticated attacks is to both implement strong endpoint detection systems for early warnings on attacks and to have robust backup, encryption and recovery systems in place for business continuity.”
Carol Volk, EVP, BullWall follows with this:
“Large multinational companies like Hyundai Motor Europe are prime targets for cyberattacks due to their substantial wealth and extensive digital attack surface. The recent cyberattack by the Black Basta ransomware group underscores the vulnerability of such corporations to sophisticated threats. The sheer size and complexity of their networks make it nearly impossible to fully safeguard against every potential attack vector.
“When breaches occur, these companies must have a robust plan in place to mitigate the damage and protect sensitive information. While Hyundai Motor Europe has not disclosed the specifics of the ransomware attack, the reported theft of 3 TB of data, including critical business functions like legal, sales, and human resources, highlights the severity of the incident.
“To effectively respond to such breaches, companies need proactive measures such as continuous monitoring and rapid incident response protocols, in addition to regular isolated backups and a ransomware containment system.”
Getting pwned by a ransomware group is bad. Denying it to the media is worse because by the time the media is knocking at your door, they already know the answer to the question that they’re asking. Hopefully Hyundai Europe learns from this self inflicted gunshot wound to the foot.
Like this:
Like Loading...
Related
This entry was posted on February 10, 2024 at 8:26 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Hyundai Motor Europe Confirms That They Were Pwned By Black Basta After Saying That They Had “IT Issues”
Early in January, Hyundai Europe had some “IT issues”. But now It turns out the “IT issues” that Hyundai Motor Europe experienced were in fact a cyberattack carried out by the notorious Black Basta ransomware group. Though at the time the company told BleepingComputer they were simply “experiencing IT issues”. But when they were confronted by Bleeping with evidence that data had been stolen, Hyundai confirmed they had suffered a cyberattack.
In the most recent statement to BleepingComputer, the company stated “Hyundai Motor Europe is investigating in a case in which an unauthorized third party has accessed a limited part of the network of Hyundai Motor Europe.”.
Though Hyundai has not offered details on what type of attack they suffered, Bleeping was able to view an image of a list of folders the Black Basta group claims to have stolen from the company. The group claims to have taken 3 TB of data, including legal, sales, human resources, accounting, IT, and management.
Ted Miracco, CEO, Approov Mobile Security had this comment:
“Black Basta is a Ransomware-as-a-Service (RaaS) enterprise that is known for its double extortion attacks. These highly targeted attacks on large corporations involve encrypting victims’ critical data and vital servers and threatening to publish sensitive data, which is apparently happened to Hyundai Motor Europe.
“Automotive companies are frequent targets of ransomware attacks due to the increasing digitization of vehicles and the industry’s interconnectedness. Weak API security has contributed to this vulnerability, despite advanced cybersecurity measures by automotive manufacturers and their supply chain. The best way to minimize damage from these kinds of sophisticated attacks is to both implement strong endpoint detection systems for early warnings on attacks and to have robust backup, encryption and recovery systems in place for business continuity.”
Carol Volk, EVP, BullWall follows with this:
“Large multinational companies like Hyundai Motor Europe are prime targets for cyberattacks due to their substantial wealth and extensive digital attack surface. The recent cyberattack by the Black Basta ransomware group underscores the vulnerability of such corporations to sophisticated threats. The sheer size and complexity of their networks make it nearly impossible to fully safeguard against every potential attack vector.
“When breaches occur, these companies must have a robust plan in place to mitigate the damage and protect sensitive information. While Hyundai Motor Europe has not disclosed the specifics of the ransomware attack, the reported theft of 3 TB of data, including critical business functions like legal, sales, and human resources, highlights the severity of the incident.
“To effectively respond to such breaches, companies need proactive measures such as continuous monitoring and rapid incident response protocols, in addition to regular isolated backups and a ransomware containment system.”
Getting pwned by a ransomware group is bad. Denying it to the media is worse because by the time the media is knocking at your door, they already know the answer to the question that they’re asking. Hopefully Hyundai Europe learns from this self inflicted gunshot wound to the foot.
Share this:
Like this:
Related
This entry was posted on February 10, 2024 at 8:26 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.