- Jaguar Land Rover suffered a cyber attack that interrupted retail production and trade, forcing the closure of the system and plant closures
- The violation was detected in real time, limiting the damage; The theft of customer data has not been confirmed
- No group has assumed responsibility, and the nature of the attack remains clear, although ransomware or data theft are possible reasons
The luxury car manufacturer Jaguar Land Rover (JLR) suffered a cyber attack that “severely interrupted” his retail production and sale activities.
On his corporate website, he issued a brief statement, confirming the violation: “JLR has been affected by a cyber incident,” says the warning. “We take immediate measures to mitigate its impact by proactively closing our systems.”
In its report, the BBC says that the interruptions affected two of its main plants in the United Kingdom. The attack took place last Sunday, and apparently the company’s defenders saw it while it happened, reducing its impact. The effects were still felt throughout the company, since the workers of the Halewood plant in Mersyside and the Solihull plant were told to stay at home on Monday. Those who registered early were sent home.
Restarting production
“Now we are working on PACE to restart our global applications in a controlled way,” JLR continued. “At this stage there is no evidence that customer data has been stolen, but our retail and production activities have been severely interrupted.”
At the same time, Tata Motors, the JLR parent company, presented a new report to the Bombay Stock Exchange, in which it described the attack as a “incidence of IT safety” that is causing global problems. The National Crime Agency said: “We are aware of an incident that affects Jaguar Land Rover and we are working with partners to better understand their impact.”
Until now, no threat actor attributed the responsibility of the attack, so we do not know if this was a ransomware incident or a simpler data crushing. In general, companies close parts of their IT infrastructure to contain a ransomware attack, since these final points in encryption and make them useless, at the same time that they exile the confidential data that will then be used as leverage in negotiations.
Even so, many ransomware operators have passed beyond encryption systems, claiming that the process is too expensive, cumbersome and unreliable, and focus only on the exfiltration of data.
Through BBC
