- Jaguar Land Rover has undergone a cyber attack that disrupted production and retail, forcing system closings and plant closings
- The breach has been detected in real time, limiting damage; No customer data flight has been confirmed
- No group has claimed responsibility, and the nature of the attack is not clear, although ransomware or theft of data are possible reasons
Luxury car manufacturer Jaguar Land Rover (JLR) has undergone a cyber attack which “seriously disrupted” its retail production and sales activities.
On his business website, he published a brief statement, confirming the violation: “JLR was affected by a cyber-incident,” said the opinion. “We have taken immediate measures to mitigate its impact by proactively closing our systems.”
In its report, the BBC affirms that the disturbances affected two of its main British factories. The attack took place last Sunday, and apparently the defenders of the company spotted it as it happened, reducing its impact. The effects were still felt in the company because workers at the Halewood factory in the Merseyside and the Solihull factory were invited to stay at home on Monday. Those who registered early have also been sent home.
Restart production
“We are now working in Pace to restart our global applications in a controlled manner,” continued JLR. “At this point, there is no evidence that customer data has been stolen, but our retail and production activities have been seriously disrupted.”
At the same time, Tata Motors – JLR’s parent company – has submitted a new report to the Bombay Stock Exchange, in which he described the attack as an “IT security” that causes global problems. The National Crime Agency said: “We are aware of an impact on Jaguar Land Rover and work with partners to better understand its impact.”
So far, no threat actor has claimed the responsibility of the attack, so we do not know if it was a ransomware or smash incident and a simpler data grab. Usually, companies have closed certain parts of their IT infrastructure to contain a ransomware strike, because these ending points encrypt and make them useless, while exfiltrating sensitive data to use later as leverage in negotiations.
However, many ransomware operators have exceeded encryption systems, saying that the process is too expensive, heavy and unreliable, and focuses solely on data exfiltration.
Via Bbc
