UPDATED 19:23 EST / OCTOBER 04 2022

SECURITY

Ferrari denies being hacked after ransomware group publishes stolen documents

Italian vehicle manufacturer Ferrari S.p.A. had denied claims it was a victim of hacking or ransomware after a well-known ransomware group claimed to have stolen data from the company.

RansomEXX claimed on its dark web site earlier this week that it had targeted Ferrari and stolen almost 7 gigabytes of data. The group then released as proof some or all of the data, depending on the report, including internal communications, spreadsheets and technical manuals.

RansomEXX has been linked to a range of ransomware in the past, including attacks onĀ U.S. laser company IP Photonics Corp.,Ā Konica Minolta Inc., theĀ Texas Department of TransportĀ and an attack onĀ Brazilā€™s court system.

Despite the release of what appears to be legitimate documents, Ferrari said that though it was aware of documents being leaked online, it has not suffered a ransomware attack or other form of cybersecurity incident.

ā€œFerrari has no evidence of a breach of its systems or ransomware and informs there has been no disruption to our business and operations,ā€ a spokesperson told Recorded Future. ā€œThe company is working to identify the source of the event and will implement all the appropriate actions as needed.ā€

RansomEXX is reported to have not left a ransom demand nor detailed how it allegedly attacked Ferrari. If a cyber attack of some sort did hit Ferrari it wouldn’t be the first time it has been exposed, with Speroni SPA, a parts supplier for Ferrari, being successfully targeted by the Everest ransomware gang in 2021.

ā€œThis demonstrates just how important it is for every organization to rethink data security,”Ā Erfan Shadabi, a cybersecurity expert with data security platform provider comforte AG, told SiliconANGLE. “Ferarri must now assess just how much sensitive information has been released.”

Chris Vaughan, an assistant vice president at cybersecurity company Tanium Inc., noted that although not many details have been released about the attack, if RansomEXX is involved, there’s something strange about the story.

“The group, which was given the name after ā€˜ransom.exxā€™ was found in its binary, is usually motivated by financial gain, but Ferrari have said that no ransomware has been detected,” Vaughan explained. “I would be surprised if this is the case because the group has become known for operating a ransomware-as-a-service model, publishing stolen data on its leak site just as it has done with the Ferrari attack.”

Photo: Empherornie/Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content. Ā 

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

ā€œTheCUBEĀ is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate theĀ content you create as wellā€ – Andy Jassy

THANK YOU