Tuesday, December 14, 2021

Volvo Cars Investigates Cyber-Theft Of R&D Data
Matthew Broersma, December 13, 2021


Volvo Cars says investigating theft of research and development data in cyber-attack that may have an effect on the company’s operations

Swedish carmaker Volvo Cars has said it is investigating a cyber-attack that targeted systems storing research and development files.

The company said the hack could have an effect on the company’s operations, without elaborating.

Volvo, majority-owned by China’s Zhejiang Geely Holding Group, said the data had been stolen from a third party, which had contacted Volvo about the theft.

It said it had confirmed a “limited” amount of R&D data was stolen.



Data theft

“Investigations so far confirm that a limited amount of the company’s R&D property has been stolen during the intrusion,” the company said in a statement, adding that based on its information there “may be an impact on the company’s operation”.

Volvo said it did not think the safety or security of its customers’ cars or personal data would be affected.

It said it was carrying out its own investigation into the breach along with an outside specialist, had taken security countermeasures to prevent further intrusion and had notified the relevant authorities.

The theft of industrial property by hackers has increased in recent years as such material has been made available remotely, often through third-party cloud services providers.

Such thefts are increasingly accompanied by ransom demands, with the attackers publishing sensitive files online if their targets do not pay.
Ransom threat

Last year, for instance, the criminal gang behind the DoppelPaymer malware published data belonging to Visser Precision, a contractor for Lockheed-Martin and SpaceX, after the firm refused to pay a ransom.

The same gang has also targeted Kimchuk, a medical and military electronics maker that makes nuclear modules for the US Navy, as well as the Chilean government and Mexico’s state oil company Pemex.

Computer security firm Clearswift said DoppelPaymer spreads via password-protected Word files attached to email messages.

“Organisations can build policy to only allow password-protected documents from trusted senders, which will go a long way in mitigating against DoppelPaymer,” Clearswift said.
High-tech cars

The increasing levels of automation and computer code in modern cars also makes them more vulnerable to hacking.

In April, researchers demonstrated at a tech conference how a Tesla vehicle could be hacked and its locked doors opened via a drone carrying a Wi-Fi dongle. Tesla issued a software patch for the flaw.

Several similar Tesla hacks have been discovered in the past, including one in 2016 that allowed researchers to take control of a Tesla car from 12 miles away.

Volvo Cars’ IPO on 29 April was the largest in Europe this year.

No comments: