Shimano Cyberattack: LockBit Group Claims Responsibility


Japan-based bicycle parts manufacturing giant Shimano is reported to have fallen victim to a cyberattack orchestrated by the notorious LockBit ransomware group. 

The Japanese manufacturer, known for producing cycling components, fishing tackle, and rowing equipment, is now grappling with the aftermath of the alleged Shimano cyberattack that potentially puts sensitive information at risk.

The LockBit ransomware group claims to have gained unauthorized access to a staggering 4.5 terabytes of data. This trove includes employee details such as IDs, NRIC, IC numbers, TIN numbers, and SSS numbers, as well as contact information like email addresses and telephone numbers. 

Moreover, confidential documents including contracts, financial records, client databases, reports, presentations, and various internal documents have been compromised.

Shimano Cyberattack Decoded

Shimano Cyberattack claims by Lockbit ransomware
Source: Twitter

 

The Shimano cyberattack extends to financial documents, encompassing balance sheets, budget reports, profit and loss statements, expense reports, bank statements, and various tax forms. 

Additionally, confidential reports, sales reports, legal documents, and factory inspection results, among others, have been marked as sensitive. The gravity of the situation is underscored by the LockBit group’s assertion that all available data will be made public.

The Cyber Express has sought a statement from the bicycle parts giant regarding the alleged Shimano cyberattack. However, as of the time of writing, no official response has been received. This leaves the claims of the Shimano cyberattack unverified, heightening the urgency for the organization to address the situation promptly.

Shimano cyberattack and Recent Cybersecurity Struggle 

In a disconcerting parallel, aerospace and defense giant Boeing has also fallen prey to a cyber incident attributed to the LockBit ransomware group. While Boeing has acknowledged the occurrence of an “incident,” the full extent of the breach is yet to be disclosed. 

LockBit ransomware group has emerged as one of the most active and prolific cyber threats, implicated in a series of attacks throughout the year. What sets LockBit apart is its preference for targeting small-to-medium-sized organizations, with an average ransom demand significantly lower than other ransomware strains. Its evolution from LockBit 2.0 in 2021 to the current version, LockBit 3.0, discovered in June 2022, showcases its adaptability and persistence.

LockBit’s incursions into target networks are facilitated through purchased access, unpatched vulnerabilities, insider involvement, and zero-day exploits. Once inside, LockBit takes control, collecting vital network information and executing its primary objectives, including data theft and encryption.

A defining characteristic of LockBit attacks is the utilization of a double extortion tactic. Victims are coerced into paying twice: first, to regain access to their encrypted files, and then to prevent the exposure of their stolen data to the public. When deployed as a Ransomware-as-a-Service (RaaS), an Initial Access Broker (IAB) facilitates the initial breach, enabling the primary LockBit operator to carry out the second-stage exploitation.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.





Source link