Written by:
Matthew Delman Ransomware attacks have a habit of continuing to impact the affected organization long after they’re resolved. The immediate costs of resolving a ransomware attack can run into the millions, with a data breach itself costing an average of $4.54 million. And that’s only the direct costs. There are indirect concerns as well, such as reduced revenue from brand damage and monitoring costs in the case of personal data being stolen.
The December 2023 ransomware attack on Nissan Motor Corporation and Nissan Financial Services in Australia and New Zealand is one example of this. Personal information on 100,000 customers and employees throughout those two countries was stolen in the attack, which Nissan only recently confirmed.
The Akira ransomware gang claimed responsibility for the attack, saying that they got more than 100 gigabytes of data like company files and personal data. This attack is part of a growing trend of automotive industry attacks. Ransomware gangs have increasingly targeted automakers and automotives themselves to get personal data to sell on the Dark Web, steal IP of new designs, and cause any amount of consternation for manufacturers.
Nissan Australia and New Zealand Attack
On December 5, 2023, the ransomware gang gained access to local IT servers for Nissan and its financial services subsidiary in Australia and New Zealand. The company said it locked down the attack quickly, but not before the Akira ransomware gang said it exfiltrated the personal information of customers and employees.
Nissan confirmed the breach on March 13, 2024, and in their statement noted that they had been working with local authorities and conducting their own forensic investigation into the attack. Following the announcement, Nissan Australia said they would notify the 100,000 people whose data was exfiltrated but expected that this number may drop as they validate information and potentially remove duplicates.
Cybercriminals Targeting Automotive Manufacturers
The attack on Nissan Australia and New Zealand is indicative of cybercriminals targeting automobile manufacturers. The number of attacks against automotive manufacturers has increased 225% in the past three years, according to research, with the possibility of facing a $505 billion loss in revenue in 2024 as a result of the volume of security incidents.
The attack on Nissan Australia is only one of the latest against a car manufacturer. Toyota made headlines in 2022 and 2023 for two different cyber attacks. In 2022, the Japanese car manufacturer had to shut down 14 of its factories in Japan for 24 hours because of an incident. They lost output of about 13,000 vehicles. In 2023, Toyota Financial Services in Germany shut down their systems after an attack from the Medusa ransomware gang. Earlier that same year, Toyota had to notify customers that their data had been exposed for 10 years.
These are only direct attacks on automotive manufacturers. Other companies within the vehicle supply chain also experience business disruptions from ransomware and data breaches, such as Bridgestone America shutting down its operations in February 2022 to recover from an attack.
The automotive industry is under threat from cyberattackers not just for the data held in their corporate servers, but also because cars themselves have become increasingly complex Internet of Things (IoT) devices with extensive edge computing software embedded in them. Any connected vehicle on the road today – not even a driverless car – could be sending telemetry data or other information back to corporate servers. If a threat actor breaches one of those cars, they could be able to laterally move into the network of the automotive manufacturer if the security is not strong enough.
How Sotero Can Help Secure the Automotive Industry
The Sotero platform takes a data-centric approach to ransomware defense. This approach prioritizes data security rather than just focusing on the network or devices that store the data. It involves a comprehensive strategy to safeguard data at every stage – in transit, at rest, and in use. This is necessary in a world where traditional perimeter defenses are insufficient. The significance of this approach lies in its ability to provide robust protection against a wide range of cyber threats, directly addressing the vulnerabilities inherent in modern data ecosystems.
Additionally, Sotero leverages Data Security Posture Management (DSPM), which involves continuously monitoring, assessing, and enhancing data security posture across all environments. DSPM ensures that data security measures align with the evolving threat landscape and compliance requirements. The benefits of DSPM include enhanced visibility into data security risks, improved compliance with regulations, and a more resilient defense against cyber threats.
As the automotive industry becomes more of a target over the next few years, and their data becomes more distributed in complex automotives, securing data in transit and at rest becomes even more vital. Deploying data-centric security like Sotero is thus vital in an environment where ransomware becomes more common and data breaches result in even greater damages to consumers and businesses alike. Sotero’s data-centric security platform can help solve these challenges and protect automotive manufacturers now and in the future.
To learn more about Sotero, request a demo today.