Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Canyon Bicycles. Show all posts

Shimano's Cyber Siege: A Saga of Resistance Against Ransomware

 


Shimano Industries, a prominent Japanese multinational manufacturing company specializing in cycling components, fishing tackle, and rowing equipment, seems to have been hit by a massive data breach by the ransomware attacker LockBit, who has threatened to release confidential data, including information such as factory inspection results, lab tests and financial documents by 5 November if their demands are not met. 

The group stole 4.5 terabytes of sensitive company data.  The company had previously been involved in the production of golf supplies until 2005 and snowboarding gear until 2008. Situated in Sakai, Osaka Prefecture, the corporation operates with 32 consolidated and 11 unconsolidated subsidiaries. 

Its primary manufacturing facilities are strategically located in Kunshan (China), as well as in Malaysia and Singapore.  LockBit is a major international cybercrime group that uses malware to breach global corporations' security protocols and attempts to extort money in exchange. Its previous targets have included Royal Mail, with the British postal company's international services severely disrupted in January 2023 due to the attack. 

American aeroplane and missiles manufacturer Boeing is the latest victim of the group, with the company officially confirming the attack yesterday. Another major brand hit recently by a similar cybersecurity threat includes Canyon Bicycles. 

A victim who does not make a ransom payment within a few days will have their data posted on the dark web in addition to being threatened with posting their data on the dark web if a ransom payment is not made. 

Shimano Industries Ltd, a Japanese manufacturer of bicycle parts, was recently targeted by a ransomware attack that demanded payment of a ransom. Shimano was unwilling to pay the ransom and the blackmail gang offered to put stolen data online, which is what they did. Now the stolen data is probably widely available online. 

Escape Collective updated their report late last week and said, upon contacting an industry-leading cyber-security firm, it was said that the delay in publishing could be an indication that Shimano was in negotiations. This has been the case until recently.

Several attempts to contact LockBit itself via Sonar, a web messenger that can be used in the Tor darknet browser, have not been successful. In a recent report from LockBit, cybercriminals claim to have successfully penetrated the Japanese manufacturer's network and obtained access to several terabytes of data. It was announced by the attackers that Shimano would publish the stolen data after they ignored their ultimatum. 

The Russian ransomware group LockBit appears to have released much of the company data on its darknet page after the ransom has expired. The company has been releasing 4.5 terabytes of various company data. Now that LockBit has expired, much of the data has been released, however. Shimano did not respond to a request for comment on the matter. 

Experts have yet to clarify who made them. Several financial records and personal information, including financials of employees and customers, have been revealed to have been leaked in the current case. Drawings, diagrams, test evaluations, development material, etc., have also reportedly been reported to have been exposed, as well as contracts and non-disclosure agreements. 

Recently, the Russian-speaking ransomware gang LockBit caused a sensation by attacking the US aircraft manufacturer Boeing. They were one of the most active ransomware gangs at the time. Shimano has yet to release a statement regarding the attack, and it is also not mentioned on the Shimano homepage of any kind regarding the cyberattack. 

It seems that Shimano was hacked by hackers and that cash was not paid to them for this backdoor. It's also clear from the report that sensitive information was leaked. However, the company has not elaborated on its original statements following the hack. A Shimano spokesperson has been contacted by Cycling News and has replied to their inquiry by saying, "This is an internal matter at Shimano and is under investigation. 

For the time being, we cannot address the situation." According to the original ransom note issued by the LockBit group, the following threats were made: “If you do not pay the ransom, we will attack your company again in the future.” 

A researcher in cyber security at the University of Warwick, Dr Harjinder Lallie, explained to Cycling Weekly earlier this month that the leak may lead to intellectual property being transferred to competitors if it is not paid for.