Volvo Cars has issued a statement acknowledging a hack that resulted in the loss of sensitive data. The company discovered that one of its file repositories had been accessed unlawfully by a third party.
The company clarified that investigations till now reveal only a small portion of the company’s R&D property was taken during the cyberattack. Based on the information provided, Volvo Cars has assessed that there may be an impact on the company’s operations.
Volvo also stated that it is currently investigating the matter and has recruited a cybersecurity firm to investigate the property theft. According to the company’s statement, the hack did not affect its customers’ automobiles or personal data safety or security. However, they qualified their remark by stating that it was based on the information they had at the time.
As per some reports, the Snatch ransomware organization claimed credit for the attack on November 30 after adding the firm to its leak site. The organization has already published a fraction of the papers they obtained on its leak site.
Sophos revealed that the organization has been active since 2018 but acquired prominence in 2019 for a unique method of bypassing antivirus software by rebooting an infected machine into Safe Mode and performing the ransomware’s file encryption procedure.
The gang gained a reputation for purchasing access to target networks and waiting for days or weeks before launching the ransomware attack. It also gained popularity as a ransomware gang that extorted money from victims while encrypting their networks.
According to experts, most ransomware is propagated by phishing emails or by abusing RDP instances exposed to the internet, which was a trademark of Snatch. The Snatch gang heavily uses RDP for infection and lateral mobility inside a company. To protect themselves from these cyberattacks, businesses should ensure that their staff is educated on the necessity of having complex passwords and not reusing passwords across several accounts. Organizations should also be aware of the RDP brute force attacks.