Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Shimano. Show all posts

Shimano's Cyber Siege: A Saga of Resistance Against Ransomware

 


Shimano Industries, a prominent Japanese multinational manufacturing company specializing in cycling components, fishing tackle, and rowing equipment, seems to have been hit by a massive data breach by the ransomware attacker LockBit, who has threatened to release confidential data, including information such as factory inspection results, lab tests and financial documents by 5 November if their demands are not met. 

The group stole 4.5 terabytes of sensitive company data.  The company had previously been involved in the production of golf supplies until 2005 and snowboarding gear until 2008. Situated in Sakai, Osaka Prefecture, the corporation operates with 32 consolidated and 11 unconsolidated subsidiaries. 

Its primary manufacturing facilities are strategically located in Kunshan (China), as well as in Malaysia and Singapore.  LockBit is a major international cybercrime group that uses malware to breach global corporations' security protocols and attempts to extort money in exchange. Its previous targets have included Royal Mail, with the British postal company's international services severely disrupted in January 2023 due to the attack. 

American aeroplane and missiles manufacturer Boeing is the latest victim of the group, with the company officially confirming the attack yesterday. Another major brand hit recently by a similar cybersecurity threat includes Canyon Bicycles. 

A victim who does not make a ransom payment within a few days will have their data posted on the dark web in addition to being threatened with posting their data on the dark web if a ransom payment is not made. 

Shimano Industries Ltd, a Japanese manufacturer of bicycle parts, was recently targeted by a ransomware attack that demanded payment of a ransom. Shimano was unwilling to pay the ransom and the blackmail gang offered to put stolen data online, which is what they did. Now the stolen data is probably widely available online. 

Escape Collective updated their report late last week and said, upon contacting an industry-leading cyber-security firm, it was said that the delay in publishing could be an indication that Shimano was in negotiations. This has been the case until recently.

Several attempts to contact LockBit itself via Sonar, a web messenger that can be used in the Tor darknet browser, have not been successful. In a recent report from LockBit, cybercriminals claim to have successfully penetrated the Japanese manufacturer's network and obtained access to several terabytes of data. It was announced by the attackers that Shimano would publish the stolen data after they ignored their ultimatum. 

The Russian ransomware group LockBit appears to have released much of the company data on its darknet page after the ransom has expired. The company has been releasing 4.5 terabytes of various company data. Now that LockBit has expired, much of the data has been released, however. Shimano did not respond to a request for comment on the matter. 

Experts have yet to clarify who made them. Several financial records and personal information, including financials of employees and customers, have been revealed to have been leaked in the current case. Drawings, diagrams, test evaluations, development material, etc., have also reportedly been reported to have been exposed, as well as contracts and non-disclosure agreements. 

Recently, the Russian-speaking ransomware gang LockBit caused a sensation by attacking the US aircraft manufacturer Boeing. They were one of the most active ransomware gangs at the time. Shimano has yet to release a statement regarding the attack, and it is also not mentioned on the Shimano homepage of any kind regarding the cyberattack. 

It seems that Shimano was hacked by hackers and that cash was not paid to them for this backdoor. It's also clear from the report that sensitive information was leaked. However, the company has not elaborated on its original statements following the hack. A Shimano spokesperson has been contacted by Cycling News and has replied to their inquiry by saying, "This is an internal matter at Shimano and is under investigation. 

For the time being, we cannot address the situation." According to the original ransom note issued by the LockBit group, the following threats were made: “If you do not pay the ransom, we will attack your company again in the future.” 

A researcher in cyber security at the University of Warwick, Dr Harjinder Lallie, explained to Cycling Weekly earlier this month that the leak may lead to intellectual property being transferred to competitors if it is not paid for.

LockBit Leaked 4.5 TB Data of Shimano Industry

 

Shimano Industries, a prominent Japanese multinational manufacturing company specializing in cycling components, fishing tackle, and rowing equipment, fell victim to the world's largest ransomware group, LockBit. The group stole 4.5 terabytes of sensitive company data. 

The company had previously been involved in the production of golf supplies until 2005 and snowboarding gear until 2008. Situated in Sakai, Osaka Prefecture, the corporation operates with 32 consolidated and 11 unconsolidated subsidiaries. Its primary manufacturing facilities are strategically located in Kunshan (China), as well as in Malaysia and Singapore. 

According to Flashpoint, a company specializing in cyber-crime protection, it labels LockBit as the 'most active' ransomware group globally. Flashpoint attributes 27.93 percent of all documented ransomware attacks to this particular group. 

As reported by Cycling News, LockBit is a cybercrime group that uses malicious software to break into companies' sensitive data. Once they have the information, they demand money from the targeted companies, threatening to make the compromised data public if payment is not made. 

The announcement asserts that the group has infiltrated exceptionally sensitive information, encompassing: 

1. Employee details, comprising identification, social security numbers, addresses, and scanned passports. 

2. Financial records, including balance sheets, profit and loss statements, bank statements, various tax forms, and reports. 

3. Client information, involving addresses, internal documents, mail exchanges, confidential reports, legal documents, and results from factory inspections. 

4. Miscellaneous documents, such as non-disclosure agreements, contracts, confidential diagrams and drawings, developmental materials, and laboratory test results. 

The Data has been Leaked? 

Earlier this month, Escape Collective initially disclosed that hackers issued a threat to release 4.5 terabytes of confidential data unless Shimano made an undisclosed ransom payment. The compromised data, as outlined by Escape Collective, encompasses confidential employee information, financial records, a client database, and various other sensitive company documents. 

The hackers imposed a deadline for the ransom, set for November 5, 2023. Subsequently, when the stipulated demands went unmet, the message on LockBit's website changed, indicating that "all available data" had been made public. However, notably, there was no corresponding download link provided for accessing the data.

Shimano Suffers Cyberattack: 4.5 Terabytes Company Data Breached


Shimano, the market-leading cycling component manufacturer, has been the subject of a ransomware attack that has affected 4.5 terabytes of important company data. 

The Japanese manufacturing has apparently been targeted by ransomware organization LockBit, who are threatening to expose the data on November 5, 2023, at 18:34:13 UTC, according to a post on X (previously Twitter) by technology security company Falcon Feeds.

The attack, first reported by Escape Collective, is also recorded on the Ransom-db website's Live Ransomware Updates, with Shimano.com listed as a victim of LockBit 3.0 and the date November 2, 2023, as the attack date. 

The whole ransom note is also available on Ransomlook.io, which is known as an open-source initiative intended to support users in tracking ransomware-related posts and actions across numerous sites, forums, and Telegram groups. 

The gang breached highly sensitive data

  • Identification, social security numbers, residences, and passport scans of employees
  • Balance sheets, profit and loss statements, bank statements, and numerous tax forms and reports are examples of financial papers.
  • Addresses, internal documents, postal exchanges, confidential reports, legal documents, and factory inspection findings are examples of client data.
  • Non-disclosure agreements, contracts, confidential designs and drawings, development materials, and laboratory testing are among the other documents.

LockBit is a cybercriminal group that employs malware to compromise critical company data and then tries to extort money in exchange for preventing its public publication. 

Lockbit world's most active ransomware

According to the cyber-crime prevention firm Flashpoint, it is the world's most active ransomware organization, responsible for 27.93% of all known ransomware assaults in the year ending June 2023. It stated a total of 1,036 victims is more than double that of the second-placed organization known as BlackCat. 

Other victims of the cyberattack

Shimano is the latest in a long line of high-profile LockBit victims. Trendmicro reports that the British postal service Royal Mail was attacked in January, virtually suspending its international export services. Dublin software firm Ion Group was targeted in February, while Taiwanese chipmaker TSMC was targeted in June with a US$70 million ransom demand. 

Boeing, the world's largest aircraft manufacturer, is also being extorted by the organization. 

A Shimano spokeswoman told Cyclingnews, "This is an internal matter at Shimano that is being investigated, but we cannot comment on anything at this time."

Aftermath of the attack

It is unclear what ransom, if any, has been sought by the organization at this time, but it is apparent that the revelation will be another significant blow in an already difficult period for the Japanese brand. 

It just announced a global recall of 2.8 million road cranksets due to a long-standing bonding separation issue. As a result, a class-action lawsuit was filed in North America in the weeks that followed. According to its most recent quarterly report, overall sales of bicycle components declined by 24.8%, with operational profitability decreasing by nearly half.