Apparently, the team at Ferrari may not have been up to speed with the latest ways to ensure your security is top priority. It was announced on Monday via a statement uploaded to their website that Ferrari was “recently contacted by a threat actor with a ransom demand related to certain client contact details”.
Ferrari then went on to say that it “will not be held to ransom” and that the best course of action was to inform their clients about the potential data exposure.
The Guru team reached out to some industry experts to understand their perspectives on the incident, and gain some valuable insights for companies looking to avoid this kind of incident in the future:
Christopher Handscomb, Solutions Engineer, EMEA, Centripetal:
“In today’s digital age, it’s becoming all too common for customer data to be breached & exfiltrated with alarming ease. This poses serious concerns for luxury good vendors and their clients alike.
From the company’s perspective, a data breach can result in severe reputational damage and even legal action, not to mention a loss of trust from consumers who may be reluctant to share their sensitive information again leading to an impact in sales.
On the other hand, consumers may find their personal information – including details on their wealth, status, employment, living arrangements, and more – shared with an unknown party, potentially leading to identity theft, financial fraud, or even physical harm.
The good news is that a rapidly growing number of cybersecurity experts are dedicated to defending against these malicious actors. However, companies must be proactive in their approach to securing essential infrastructure and safeguarding customer data.
It’s time for organisations to take a serious and proactive stance on cybersecurity before it’s too late.”
Brad Freeman, Director of Technology at SenseOn:
“Like its cars, Ferrari is a highly sophisticated organisation with extensive research and development, racing, manufacturing and retail operations. However this complexity can provide more opportunities for an attacker to penetrate defences.The Ferrari data breach exposes the unique risk faced by high net worth individuals. This means compromised data may be worth significantly more than in a general data breach as attackers are likely to spend significant time crafting targeted attacks against its valuable clients.”
Michael White, technical director, and principal architect at the Synopsys Software Integrity Group:
In this case it is not known whether any direct access to vehicles was involved in the attack, but this does highlight a notable concern for the future. The automotive industry is moving toward so-called ‘software defined vehicles’ (SDVs), meaning that many of the day to day driving experiences will rely upon extensive cloud hosted infrastructure and applications. The consequences of an attack in such an SDV environment would not just be leakage of data but in the worst case may even allow an attacker to manipulate functionality on the vehicle itself. This means that automotive OEMs such as Ferrari will need to place an increased focus on protecting so-called hybrid infrastructure, including web portals and mobile apps, from malicious attacks across the software supply chain.
Martin Jartelius, CSO at Outpost24:
“Largely as expected we see those incidents where an organization is pressured to pay as a means of silencing information on a breach, potentially leveraging the fear of GDPR fines as an element of extortion against organizations. As so far very little information is available it’s hard to determine what happened, but this does not appear to be a severe or remarkable event, it attracts more attention than it should due to the targeted organization’s brand than to the event itself.”
Javvad Malik, lead security awareness advocate at KnowBe4:
“Ransomware is a cyber pandemic that attacks all organisations regardless of size and vertical. It is why it’s important that all organisations need to put the pedal to the metal when it comes to ensuring they have the right cybersecurity controls in place.
When it comes to ransomware, most attacks are successful through phishing, taking advantage of poor credentials, or by exploiting unpatched vulnerabilities. So as a bare minimum organisations should focus on these avenues of attack.”