Ransomware attacks have targeted everything from city governments to hospitals. Now, attackers have their sights on the automotive industry.
According to CNN, the FBI sent a memo to a number of companies warning them about the possibility of being attacked. It said the auto industry has been a target since late last year and noted these attacks “have resulted in ransomware infections, data breaches leading to the exfiltration of personally identifiable information, and unauthorized access to enterprise networks.”
The memo didn’t say which companies were hit, but detailed a number of methods that attackers have used. One of them is a brute force attack where computers are programmed to continually guess user names and passwords until they find a correct combination. Hackers have also used phishing attacks where they e-mail employees and attempt to get them to download malicious software.
Also Read: WannaCry Ransomware Attack Shuts Down Honda Factory In Japan
Several of these attacks have been successful, and the memo said bad actors have gained access to employee e-mail accounts at various companies. Once inside, they were able to set the account to forward company e-mails to an account owned by the attackers. This reportedly enabled them to steal sensitive information including data that was used to conduct illegal wire transfers.
Ransomware is also an issue and has impacted several companies. In one case, the FBI said an automotive firm paid the ransom and the attackers ghosted them without providing access to the stolen data.
Unfortunately, it appears these attacks are going to be a fact of life. As the memo explained, “The automotive industry likely will face a wide range of cyber threats and malicious activity in the near future as the vast amount of data collected by Internet-connected vehicles and autonomous vehicles become a highly valued target for nation-state and financially motivated actors.”