Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label IT problems. Show all posts

Indonesia’s Worst Cyber Attack Exposes Critical IT Policy Failures

 

Indonesia recently faced its worst cyber attack in years, exposing critical weaknesses in the country’s IT policy. The ransomware attack, which occurred on June 20, targeted Indonesia’s Temporary National Data Center (PDNS) and used the LockBit 3.0 variant, Brain Cipher. This malware not only extracts but also encrypts sensitive data on servers. The attacker demanded an $8 million ransom, which the Indonesian government has stated it does not intend to pay. 

One of the most alarming aspects of this attack is that almost none of the data in one of the two affected data centers was backed up, rendering it impossible to restore without decryption. This oversight has significantly disrupted operations across more than 230 public agencies, including key ministries and essential national services such as immigration and major airport operations. In response to the attack, Indonesian President Joko Widodo ordered a comprehensive audit of the country’s data centers. Muhammad Yusuf Ateh, head of Indonesia’s Development and Finance Controller (BPKP), stated that the audit would focus on both governance and the financial implications of the cyberattack. 

An official from Indonesia’s cybersecurity agency revealed that 98% of the government data stored in one of the compromised data centers had not been backed up, despite the data center having the capacity for backups. Many government agencies did not utilize the backup service due to budget constraints. The cyberattack has sparked calls for accountability within the government, particularly targeting Budi Arie Setiadi, Indonesia’s communications director. Critics argue that Setiadi’s ministry, responsible for managing the data centers, failed to prevent multiple cyber attacks on the nation. Meutya Hafid, the commission chair investigating the incident, harshly criticized the lack of backups, calling it “stupidity” rather than a simple governance issue. 

The attack has not only exposed the vulnerabilities within Indonesia’s IT infrastructure but has also led to significant operational disruptions. The lack of proper data backup procedures underscores the urgent need for robust cybersecurity measures and policies to protect sensitive government data. The audit ordered by President Widodo is a crucial step in addressing these issues and preventing future cyberattacks. 

As Indonesia grapples with the aftermath of this significant cyberattack, it serves as a stark reminder of the importance of comprehensive cybersecurity strategies and the need for constant vigilance in safeguarding critical national data. The incident highlights the essential role of proper IT governance and the consequences of neglecting such vital measures.

Hyundai Motor Europe Grapples with Cyber Threat as Black Basta Ransomware Strikes

 


A California union and Hyundai Motor Europe both announced separately this week that they had suffered cyberattacks in the past month, resulting in the loss of their data. According to Black Basta, a group that first emerged in 2022 as a double-extortionist group, Hyundai Motor Europe's data has been stolen more than 3TBs. 

The carmaker has not confirmed that it has been infected by ransomware, nor does Black Basta agree with its claims. An attack on the Hyundai Motor Europe division of the South Korean company earlier this year has been confirmed by the division's CEO. 

Hyundai Motor Europe was initially reported to have suffered a cyber-attack in the middle of January, however, Hyundai immediately shot the report down, saying it was simply a matter of IT issues. According to BleepingComputer, who first reported the story on Thursday, the South Korean automaker announced in early January that it was having "IT problems" that it was “working to resolve as soon as possible.” 

This news has been spreading fast since then. In the past week, the media outlet has been informed that Black Basta is connected with the incident and the alleged theft of 3TB of data. Cybernews is unaware of any mention of Hyundai or the stolen data on Black Basta's dark leak website at the moment of publishing, but it is very common for extortion groups to wait until ransom negotiations have firmly broken down to post about their victims. 

A further statement from Hyundai has not yet been released about which systems were compromised in the attack, how much sensitive data may have been accessed, and what was the extent of the damage. According to the Black Basta ransomware gang, Hyundai Motor Europe has been hacked and three terabytes of their data were stolen by the gang. 

There is evidence of a data breach from the threat actors, which was revealed. The gang seems to have stolen data from several departments, including legal, sales, and human resources, among others. In addition to having access to email addresses, physical addresses, phone numbers, and vehicle chassis numbers of affected individuals, threat actors were also able to obtain the information that they needed. 

An unauthorized third party has accessed the customer database of Hyundai Italy, as stated in the data breach letter sent to impacted individuals. To determine the scope of the incident, Hyundai Italy has notified the privacy watchdog and hired cybersecurity experts.

In the evidence provided to Bleeping Computer, the crooks revealed that there was a data breach that occurred in multiple departments of the business, such as legal, sales, and human resources. It was announced in April that Hyundai had suffered yet another data breach which affected Italian and French car owners as well as customers who had booked a test drive with them. 

Among the impacted individuals were people with emails, physical addresses, telephone numbers, and vehicle chassis numbers, which could be used to identify threat actors. An unauthorized third party had access to the database of customers according to a letter sent to the impacted individuals advising them of a data breach.

This incident has been reported to the privacy watchdog in Italy and Hyundai has hired a cybersecurity expert from an external company to determine the extent of the issues. A letter sent by the bank indicated that no financial information had been disclosed. 

The German media reported in December 2019 that suspected members of the Vietnam-linked APT Ocean Lotus (APT32) group had breached the networks of the automakers BMW and Hyundai as part of the hacking campaign. An intrusion was carried out to steal automotive trade secrets from the company.