Cyber attack forces Toyota Financial Services systems offline | Cyber Security Hub

Car maker Toyota is recovering from a cyber attack on its European and African financial services department that forced it to take systems offline. In a statement, Toyota Financial Services Europe and Africa said it recently identified unauthorized activity on systems in a limited number of its locations before taking certain systems offline to investigate.
While the car giant has not confirmed the source, nature or extent of the incident, the Medusa ransomware group has claimed responsibility. It said it has stolen data from Toyota Financial Services, giving the company 10 days to pay a US $8 million ransom.
Cyber security expert Kevin Beaumont noted on X (formerly Twitter) that Toyota’s internet-accessible systems are vulnerable to the “Citrix Bleed” vulnerability that has affected dozens of organizations and governments in the last month. Citrix Bleed (CVE-2023-4966) is a critical vulnerability affecting multiple versions of Citrix NetScaler Gateway and ADC products that could enable attackers to retrieve sensitive information and hijack user sessions.
Along with carrying out its own investigation into the incident, Toyota is working with law enforcement, the firm said. “In most countries, we have started bringing our systems back online. We are working diligently to get systems back online as soon as possible and we regret any inconvenience caused to our customers and business partners.” As of now, this incident is limited to Toyota Financial Services Europe and Africa, it added.
Earlier this year, Toyota was forced to apologize after a cloud misconfiguration exposed information on more than two million customers. “We believe that the main cause of this incident was that the rules for handling data were insufficiently explained and thorough,” the firm said.
The Medusa group is a ransomware-as-a-service (RaaS) gang that has operated since 2021. The actors normally gain access to systems through vulnerable Remote Desktop Protocol (RDP) services and phishing campaigns before employing PowerShell for command execution and erasing shadow copy backups to prevent data restoration. The group is also known to escalate its system privileges, deactivate defense mechanisms and spread across networks.
The Medusa group recently attacked a technology company created by two of Canada’s largest banks. Earlier this year, the gang was behind attacks on an Italian water company, a Minnesota school district and the government organization that manages the healthcare system of the Philippines.
Cyber Security Hub, a division of IQPC
