Digitalisation

Ransomware gangs increase raids as car parts company Gedia becomes latest cyber-attack victim

Share

German car parts manufacturer Gedia has shut down its IT systems after a cyber-attack.

Industry experts are blaming the attack on the same hackers who crippled global travel money giant Travelex, which is still offline nearly a month after it was hit.

The car parts manufacturer said it couldn’t comment on the source of the attack and said it had called in the police, while an emergency plan has been put in place to maintain deliveries.

Gedia Automotive Group employs 4,300 people in seven countries and initially warned the attack could have far-reaching consequences.

In a statement posted on its website and published by Computer Weekly, the 100-year-old company, based in Attendorn, said it could be weeks or months before systems are fully up and running again.

Computer Weekly also reported that the group behind the Sodinokibi ransomware attack that hit Travelex had claimed responsibility for the latest hack and threatened to publish sensitive material.

The malware, also known as REvil, steals data and locks companies out of their systems. It can only be unlocked with a password provided by hackers, in return for a ransom.

Computer Weekly said the group claimed it had sensitive data, including blueprints and employees’ and clients’ details.

As many as 40 criminal syndicates are thought to be using Sodinokibi malware to exploit security weaknesses to access companies’ IT systems and hold them to ransom.

Computer Weekly said other ransomware victims include US computer services company Artech Information Systems, which lists Fortune 500 companies such as AT&T, Mastercard, Bank of America, Capital One and Wells Fargo among its clients.

The hackers claim they have already published data containing company files stolen from Artech in a bid to force it to pay a ransom.

Data security expert Royce Curtin, former managing director of global intelligence at Barclays, who is now vice-president of corporate security at IBM, told the Auto Captives Summit in London in 2018 that companies are fighting a cyber-war against criminals who carry out millions of daily attacks in a bid to steal personal data and defraud businesses of millions of dollars.

He warned companies that they must constantly evolve their defences or risk falling victims to new scams.

Curtin said: “Companies suffer an average 1.5% share price decline after cyber-attacks are made public, with some drops of up to 15%. Financial services experience the biggest declines and the highest regulatory fines.

“Despite the increasing sophistication of the criminals, simple measures can still combat much of the threat. You have to have strong assurance programmes to protect your intellectual property and personal identifiable information. You have to build defences in depth with the customers and clients and the supply chain and vendors that you use.”

Details of his presentation are available in this video, courtesy of leading global automotive, consumer and equipment finance software business, White Clarke Group.

{loadposition wcgroycecurtin}