UPDATED 19:23 EST / OCTOBER 04 2022

SECURITY

Ferrari denies being hacked after ransomware group publishes stolen documents

Italian vehicle manufacturer Ferrari S.p.A. had denied claims it was a victim of hacking or ransomware after a well-known ransomware group claimed to have stolen data from the company.

RansomEXX claimed on its dark web site earlier this week that it had targeted Ferrari and stolen almost 7 gigabytes of data. The group then released as proof some or all of the data, depending on the report, including internal communications, spreadsheets and technical manuals.

RansomEXX has been linked to a range of ransomware in the past, including attacks on U.S. laser company IP Photonics Corp., Konica Minolta Inc., the Texas Department of Transport and an attack on Brazil’s court system.

Despite the release of what appears to be legitimate documents, Ferrari said that though it was aware of documents being leaked online, it has not suffered a ransomware attack or other form of cybersecurity incident.

“Ferrari has no evidence of a breach of its systems or ransomware and informs there has been no disruption to our business and operations,” a spokesperson told Recorded Future. “The company is working to identify the source of the event and will implement all the appropriate actions as needed.”

RansomEXX is reported to have not left a ransom demand nor detailed how it allegedly attacked Ferrari. If a cyber attack of some sort did hit Ferrari it wouldn’t be the first time it has been exposed, with Speroni SPA, a parts supplier for Ferrari, being successfully targeted by the Everest ransomware gang in 2021.

“This demonstrates just how important it is for every organization to rethink data security,” Erfan Shadabi, a cybersecurity expert with data security platform provider comforte AG, told SiliconANGLE. “Ferarri must now assess just how much sensitive information has been released.”

Chris Vaughan, an assistant vice president at cybersecurity company Tanium Inc., noted that although not many details have been released about the attack, if RansomEXX is involved, there’s something strange about the story.

“The group, which was given the name after ‘ransom.exx’ was found in its binary, is usually motivated by financial gain, but Ferrari have said that no ransomware has been detected,” Vaughan explained. “I would be surprised if this is the case because the group has become known for operating a ransomware-as-a-service model, publishing stolen data on its leak site just as it has done with the Ferrari attack.”

Photo: Empherornie/Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.

  • 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
  • 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.

Cookies

We employ the use of cookies. Find out more.