Kia Motors America Inc. has been allegedly struck by a DoppelPaymer ransomware attack along with a demand for a 404 bitcoin ($20 million) ransom payment.
As reported by Bleeping Computer, the attack appeared first with a nationwide information technology outage across Kai’s North American business earlier this week. The outage affected Kia’s mobile UVO Link app, phone services, payment systems, payment systems, owner portal and internal sites used by dealerships.
A ransom note allegedly sent to Kia indicated that it was a double-tap ransomware attack in which both files were encrypted and stolen. In the note, the DoppelPaymer gang threatens to publish the stolen data within three business days if payment for a decryption tool was not forthcoming.
The threats of publishing stolen data are not hollow: Hon Hai Precision Industry Co., better known as Foxconn, was struck by DoppelPaymer in December, with stolen files subsequently published on the dark web, the shady corner of the internet where illicit activity is often conducted, when it refused to pay up. Previously known DoppelPaymer ransomware attacks include “Big Brother” producer Endemol Shine and Mexican state-owned petroleum firm Petróleos Mexicanos.
Officially Kia Motors America is denying that it has been struck by ransomware, telling The Drive that though it was aware of the reports, “at this time, we can confirm that we have no evidence that Kia or any Kia data is subject to a ‘ransomware’ attack.”
“DoppelPaymer and others are immensely more profitable when they target large organizations and disrupt their critical IT operations,” Andrea Carcano, co-founder of industrial cybersecurity firm Nozomi Networks Inc., told SiliconANGLE. “These ransomware scenarios should be factored into an organization’s incident response and business continuity plans. Beyond a technical response, decision-makers need to be prepared to weigh the risks and consequences of alternate actions.”
Niamh Muldoon, global data protection officer at cloud-based identity and access management provider OneLogin Inc., noted that ransomware is the No. 1 cybercrime because it offers a high return on investment.
“During 2021 we will definitely see cybercriminal individuals and groups try to maximize their return of investment with their attacks, whether it’s targeting high-value individuals or large enterprise organizations like a car company,” Muldoon added.
Photo: Kia Motors America
Since you’re here …
Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.