Volvo Cars revealed that has suffered a cyberattack that resulted in the theft of R&D data.
Last week, it was reported that Swedish car manufacturer Volvo revealed that their systems were compromised and hackers managed to steal their Research and development (R&D) data.
The company had reassured that the attack had no impact on the security of its sold cars and customers’ personal data.
Their spokesperson also said that they had not lost control of its own data and is not a victim of ransom-ware. However, there have already been reports of claim of the attack by the Snatch ransom-ware gang.
Automotive manufacturers go to great lengths to keep next model year vehicles from prying eyes and the same is true for data, especially R&D data. Protecting key assets like research data is especially critical in a high-intensity market like automotive.
The drive to reduce 200 platforms that must be supported, to 20 or fewer is an ever-increasing need as is the focus on designing an in-house SoC and next-generation in-vehicle networks.
Manufacturers must continue to look at how they treat, store, and share data to protect these assets. After all, software is at the core of innovation, and the recent wave of ransom-ware and supply chain attacks have demonstrated that compromised software can have a devastating impact on an organization.
This reaches past the traditional IT protection methods like penetration testing, silicon, and software life cycle management systems. Developers and their peers in the testing teams must be aware of their role in protecting software and data.
The risk does not end when the hole is plugged though. Potential threat actors may have some insight based on the data that was released. For this reason, automotive manufacturers must examine the technologies that rely on this data.
In 2010, Volvo Cars became a subsidiary of the Chinese manufacturer Geely Holding Group, which confirmed that it “has become aware that one of its file repositories has been illegally accessed by a third party.”
“Investigations so far confirm that a limited amount of the company’s R&D property has been stolen during the intrusion,” states Volvo. The company warned that “there may be an impact on the company’s operation” from the hack, sending its stock falling 3.5 percent in Stockholm, to 72.44 kronor (USD$8.00, 7.06 euros).
Volvo notified relevant authorities and retained third-party experts to investigate the incident.
“Volvo Cars has become aware that one of its file repositories has been illegally accessed by a third party. Investigations so far confirm that a limited amount of the company’s R&D property has been stolen during the intrusion.
Volvo Cars has earlier today concluded, based on information available, that there may be an impact on the company’s operation.” reads the notice of cyber security breach published by Volvo.
“After detecting the un-authorized access, the company immediately implemented security countermeasures including steps to prevent further access to its property and notified relevant authorities.”
The company pointed out that the cyber attack had no impact on the safety or security of its customers’ cars or their personal data.
The information above was shared by McGallen & Bolden Pte Ltd.