APT 32 hack BMW and Hyundai?

(To Alessandro Rugolo)
09/12/19

A few days ago the news was that hackers would hit BMW and Hyundai. The hackers would have infiltrated BMW's corporate network this summer using a toolkit called Cobalt Strike, used as a backdoor to move towards the networks of the two automobile giants and, presumably, to filter data associated with the use of websites fake.

The zdnet article suggests that BMW has voluntarily allowed hackers to stay within its network to follow their movements and behavior and thus try to identify the origin of the attack, thereby blocking access only in November.

As for Hyundai, virtually nothing is known.

According to magazines German Bayerischer Rundfunk e Taggesschau which first revealed the incident, the responsible group would be known with the initials APT 32 (Advanced Persistent Threath 32) or even Ocean Lotus which would report to the Vietnamese government, so the experts of the German Cybersecurity Organization (DCSO) affirm even if they admit that there is no evidence in this regard.

The group is active from the 2014 and it seems that in recent years it has particularly targeted the automotive industry. Toyota Australia, Toyota Japan and Toyota Vietnam were among the previous victims.

According to various sources, the attack arises in the context of the industrial war between car manufacturers and, according to some, hackers would not have stolen sensitive data and failed to penetrate the networks of the Munich headquarters.

Once again the industry is the object of cyber attacks, demonstrating the interest the industry has in hackers. The automotive sector is not only a possible source of personal data of the buyers but also much more paying information relating to industrial secrets, patents and possible defects of the mechanical parts, not to mention the damage to the image suffered.

Let us be careful, whatever may be said about the economic-industrial war is always in progress. And if giants like BMW and Hyundai are victims ... no one is safe!

What to do then?

First: inquire about, always.

According to: to form the staff of their company, the technicians, the executives and the managers, each at their own level. The managers in particular they don't have to do the technicians but they have to understand how to adapt their organization to the current world and to the level of existing cyber risk.

Third: dedicate the right ones resources to the cyber sector, carrying out a careful risk analysis.

Bedroom: to help to create a better society, for example by supporting information campaigns in schools. It is in fact from schools that future workers, employees and managers come out.

Leaving the State with the burden of changing society is a utopia. Everyone's commitment, on the other hand, makes it possible to accelerate the process of digitalization of our society and to reduce risks.

To learn more:

https://www.zdnet.com/article/bmw-and-hyundai-hacked-by-vietnamese-hacke...
https://www.br.de/nachrichten/wirtschaft/fr-autoindustrie-im-visier-von-...
https://www.tagesschau.de/investigativ/br-recherche/bmw-hacker-101.html
https://www.technadu.com/vietnamese-hackers-apt32-hacked-hyundai-bmw/86959/
https://www.cobaltstrike.com/
https://attack.mitre.org/groups/G0050/
https://dcso.de/

Photo: web