2019-BMW-and-Hyundai-hacked-by-Vietnamese-hackers-report-claims- -ZDNet PDF

Preview

Summary

fvfvetg...

Description

BMW and Hyundai hacked by Vietnamese hackers, report claims | ZDNet

5/26/20, 3)42 PM

MENU

!

AS

BMW and Hyundai hacked by Vietnamese hackers, report claims Hacks linked to Ocean Lotus (APT32), a group believed to operate with orders from the Vietnamese government.

By Catalin Cimpanu for Zero Day | December 6, 2019 -- 20:39 GMT (04:39 GMT+08:00) | Topic: Security

Image: Pablo Martinez

SEE ALSO

10 dangerous app vulnerabilities to watch out for (free PDF) (https://www.techrepublic.com/resourcelibrary/whitepapers/10-dangerous-app-vulnerabilities-to-watch-out-for-free-pdf/?ftag=CMG-01-10aaa1b)

https://www.zdnet.com/article/bmw-and-hyundai-hacked-by-vietnamese-hackers-report-claims/

Page 1 of 6

BMW and Hyundai hacked by Vietnamese hackers, report claims | ZDNet

5/26/20, 3)42 PM

German media is reporting that hackers suspected to have ties to the Vietnamese government have breached the networks of two car manufacturers, namely BMW and Hyundai. The report, coming from Bayerischer Rundfunk (https://www.br.de/nachrichten/wirtschaft/frautoindustrie-im-visier-von-hackern-bmw-ausgespaeht,RjnLkD4)

(BR) and Taggesschau

(https://www.tagesschau.de/investigativ/br-recherche/bmw-hacker-101.html)

(TS), claims that hackers

breached the network of a BMW branch sometime this spring. The attackers allegedly installed a penetration testing toolkit named Cobalt Strike on infected hosts, which they used as a backdoor into the compromised network. BMW had supposedly allowed the hackers to persist on its network, and followed their every move, cutting off their access over the last weekend -- end of November. BR and TS reporters claim the hackers behind the attack also breached Hyundai but did not provide any additional details about this second intrusion. Neither BMW nor Hyundai wanted to comment on the BR article. Similar requests for comment sent by ZDNet remained unanswered.

INTRUSIONS BLAMED ON APT32 BR and TS said the group behind the BMW and Hyundai intrusions is a threat actor known for its attacks on the automotive industry [1 (https://www.cyberscoop.com/apt32-ocean-lotus-vietnam-carcompanies-hacked/),

2 (https://www.bloomberg.com/news/articles/2019-03-20/vietnam-tied-hackers-target-auto-

industry-firms-fireeye-says)].

Known as Ocean Lotus (https://malpedia.caad.fkie.fraunhofer.de/actor/apt32) (or APT32 (https://attack.mitre.org/groups/G0050/)),

the group is believed to carry out attacks on behalf of the

Vietnamese government. According to reports, the group has been active since 2014. While initial attacks had https://www.zdnet.com/article/bmw-and-hyundai-hacked-by-vietnamese-hackers-report-claims/

Page 2 of 6

BMW and Hyundai hacked by Vietnamese hackers, report claims | ZDNet

5/26/20, 3)42 PM

focused on hacking foreign corporations active in Vietnam and other Southeast Asian countries, since 2017, the group has incessantly targeted the automotive industry. Prior to today's revelations, the group has been publicly linked (https://twitter.com/ItsReallyNick/status/1106192887556042752)

to an attack on Toyota Australia

(https://www.toyota.com.au/news/toyota-australia-statement-re-attempted-cyber-attack).

Weeks after, Toyota

Japan (https://www.zdnet.com/article/toyota-announces-second-security-breach-in-the-last-five-weeks/) and Toyota Vietnam (http://www.toyotavn.com.vn/en/news/hot-news/855/notice-on-a-cyberattack-targeting-toyota) disclosed similar breaches. Many experts have speculated that the Vietnamese government has taken a page out of China's book and is using hacking groups to carry out economic espionage on foreign companies, stealing intellectual property, and then using it for its state-funded corporations. China used this strategy to prop its airplane manufacturing sector (https://www.zdnet.com/article/building-chinas-comac-c919-airplane-involved-a-lot-of-hacking-report-says/),

and

now experts believe Vietnam is doing the same for its fledgling automotive startup VinFast (https://en.wikipedia.org/wiki/VinFast),

which started rolling out its first cars

(https://theaseanpost.com/article/vietnams-vinfast-rolls-out-first-car)

out factory lines this year.

The world's most famous and dangerous APT... (/pictures/the-worlds-most-famous-and-dangerous-apt-stateSEE FULL GALLERY (/pictures/the-worlds-most-famous-and-dangerous-apt-state-developed-malware/)

developed-malware/) (/pictures/the-worlds-

(/pictures/the-worlds-

(/pictures/the-worlds-

(/pictures/the-worlds-

most-famous-and-

most-famous-and-

most-famous-and-

most-famous-and-

dangerous-apt-state-

dangerous-apt-state-

dangerous-apt-state-

dangerous-apt-state-

developed-malware/)

developed-malware/2/)

developed-malware/3/)

developed-malware/4/)

(/pictures/the worlds

(/ i t

(/ i t

(/ i t

/th

ld

/th

ld

1 - 5 of 18

/th

ld NEXT

()

SECURITY

Windows 10 to get PUA/PUP protection feature (https://www.zdnet.com/article/windows-10-to-get-puapuphttps://www.zdnet.com/article/bmw-and-hyundai-hacked-by-vietnamese-hackers-report-claims/

Page 3 of 6

BMW and Hyundai hacked by Vietnamese hackers, report claims | ZDNet

5/26/20, 3)42 PM

protection-feature/)

Best security keys in 2020: Hardware-based two-factor authentication for online protection (https://www.zdnet.com/article/best-security-keys/)

Best password managers for business in 2020: 1Password, Keeper, LastPass, and more (https://www.zdnet.com/article/best-password-managers/)

Cyber security 101: Protect your privacy from hackers, spies, and the government (https://www.zdnet.com/article/online-security-101-how-to-protect-your-privacy-from-hackers-spies-and-the-government/)

How to protect smart factories and networks from cyber attacks (ZDNet YouTube) (https://www.youtube.com/watch?v=0bBS6KOWRA0)

Top 6 cheap home security devices in 2020 (CNET) (https://www.cnet.com/how-to/top-cheap-home-securitydevices-in-2020-amazon-echo-smart-cam-wyze/?ftag=CMG-01-10aaa1b)

Why organizations shouldn't automatically give in to ransomware demands (TechRepublic) (https://www.techrepublic.com/article/why-organizations-shouldnt-automatically-give-in-to-ransomware-demands/? ftag=CMG-01-10aaa1b)

RELATED TOPICS:

SECURITY TV

DATA MANAGEMENT

CXO

DATA CENTERS

By Catalin Cimpanu for Zero Day | December 6, 2019 -- 20:39 GMT (04:39 GMT+08:00) | Topic: Security

SHOW COMMENTS

https://www.zdnet.com/article/bmw-and-hyundai-hacked-by-vietnamese-hackers-report-claims/

Page 4 of 6

BMW and Hyundai hacked by Vietnamese hackers, report claims | ZDNet

https://www.zdnet.com/article/bmw-and-hyundai-hacked-by-vietnamese-hackers-report-claims/

5/26/20, 3)42 PM

Page 5 of 6

BMW and Hyundai hacked by Vietnamese hackers, report claims | ZDNet

https://www.zdnet.com/article/bmw-and-hyundai-hacked-by-vietnamese-hackers-report-claims/

5/26/20, 3)42 PM

Page 6 of 6...