IQ News: Automotive Giant Denso Hit by Ransomware Attack

Automotive technology manufacturer, Denso, has confirmed they fell victim to a cyber-attack on March 10, 2022, after a new ransomware operation – allegedly run by the Pandora group – began leaking data that was stolen during the attack.

A spokesperson for Denso told ISMG: "A group company in Germany’s network was illegally accessed by a third party, and yes, it was a ransomware attack."

Denso is a global supplier for automotive technology components and specialises in autonomous vehicle features, connectivity, and mobility services for brands such as Toyota, Mercedes-Benz, Ford, Honda, Volvo, Fiat, and General Motors (GM).

The company currently operates out of Japan but has over 200 subsidiaries and 168,391 employees worldwide and their revenue for 2021 was reported to be US$44.6bn.

Denso claims they responded immediately once illegal access was detected by cutting off network access to the rest of their networks, limiting the impact to the German division only. The company has informed all respective law enforcement departments and a specialised cyber security agency to further investigate the incident.

A company statement said: "After detecting the unauthorised access, Denso promptly cut off the network connection of devices that received unauthorised access and confirmed that there is no impact on other Denso facilities.

“There is no interruption to production activities, and we keep operating all our plants as usual. We [could] do this because we transferred the operation which is impacted by this incident to other Denso sites. We are investigating which data was impacted by this incident. We cannot say any further details about it."

Automakers are Taking the Wheel on Cyber Protection

While Denso is the recent victim of a cyber-attack, in 2015 security researchers remotely caused a Jeep Cherokee to lose power on a highway, took control of the radio, and over-rode the climate settings. This caused FCA Automotive to recall 1.4 million vehicles to fix the technical vulnerabilities.

So, what are automakers doing to get cyber ready?

GM and Volkswagen have reported to follow a practice called “defence in depth”, a process that eliminates unnecessary software and establishes rules to only let vehicle systems communicate with each other when necessary.

“Human life is involved, so cyber security is our top priority,” said Kevin Tierney, GM’s Vice President for Global Cyber Security.

Continental, similarly, employs an intrusion detection and prevention system to thwart attacks. “If the throttle position sensor is talking to the airbag and is not planned, we can stop this,” Ronen Smoly, Chief of Argus Cyber Security, a division of Continental, told The New York Times.

Slowly but surely, global cyber security standards and regulations for vehicles are also starting to take shape.

“A United Nations regulation on vehicle cyber security came into force [in 2021], obligating manufacturers to perform various risk assessments and report on intrusion attempts to certify cyber security readiness,” reported The New York Times.

The regulation will take effect for all vehicles sold in Europe from July 2024 and in Japan and South Korea in 2022.

To learn more about how to prevent cyber risk, join Automotive IQ in Detroit where cyber security experts from Renault, Toyota, Volvo Trucks, and GM will be giving their insights on the latest cyber security strategies.