Recently, a number of international technology giants have been planted in the hands of hackers.
According to brokerage China, citing Japanese media reports, the world's major auto parts supplier Denso is suspected to have been attacked by hackers. More than 157000 purchase orders, emails and design drawings with a total of 1.4tb of information are suspected to have been leaked, and hackers demand ransom at the end of February, another Toyota supplier Island stamping industry was attacked by hackers, resulting in the shutdown of all Toyota factories in Japan for one day.
In addition, at the end of February, the international chip giant NVIDIA was exposed to be attacked by the hacker organization lapsus $, about 1TB of data was stolen and more than 70000 employee data was leaked. Recently, South Korean technology giant Samsung Electronics admitted to being attacked by the same hacker organization, resulting in the source code leakage of Galaxy branded devices such as smartphones. According to the hacker organization lapsus $, the batch of leaked data is nearly 190gb, which is divided into three compressed files for external download, including biometric algorithm and confidential source code from Qualcomm and so on.
Toyota's supply chain is attacked by hackers again
Denso, the world's leading auto parts supplier, suffered a suspected extortion software attack, and a large amount of internal information was obtained by hackers, the science and Innovation Board Daily quoted the Japan Broadcasting Association as saying on Sunday
MBSD, a Japanese network security company, also reported that a hacker group named "Pandora" issued a statement earlier on Sunday, saying that it had obtained more than 157000 purchase orders, emails, design drawings and other 1.4tb of information for electric equipment, if the company did not pay the ransom as required, it would publish the relevant information on the dark network
Although the spokesperson of the company declined to confirm the report itself, said that the company detected that its subsidiary in Germany had encountered unauthorized login and used blackmail software on Thursday the spokesman also confirmed that the company's production and commercial activities have not been affected by the incident.
It is reported that was blackmailed by hackers, and Denso Co., Ltd. is the world's top supplier of auto system parts it was founded in December 1949. It was originally separated from Toyota Motor Co., Ltd. and now has more than 170 subsidiaries in more than 30 countries and regions.
if the nature of this incident is true, it means that Toyota's supply chain has been subjected to cyber security attacks in just two weeks previously, Toyota supplier Kojima press industry reported a cyber security attack on February 28, which also caused all Toyota's local factories to shut down for one day on March 1.
Toyota spokesman Hideaki Homma also said in response to media inquiries on Sunday that he had learned from the electric decoration company that this situation had no impact on commercial operations.
For Toyota, although the overall supply chain showed better resilience than its peers during the epidemic, it has also encountered a lot of trouble since the new year. In addition to the production stagnation caused by the epidemic itself, the traffic jam between the United States and Canada by protesters also affected the company's North American production capacity, and the cyber attack directly caused a large-scale shutdown Akio Toyoda also said last week that the company may need to review its annual production plan due to the intensification of global production disruption
Samsung and NVIDIA have not escaped
hackers say they will open download source code
according to a report from China, a securities firm, Samsung said on March 7 that hackers had invaded its internal company data and obtained some source codes of Galaxy branded devices such as smart phones
Before the South Korean electronics giant's statement, the hacker organization lapsus $claimed on the Internet over the weekend that it had stolen up to 190gb of confidential Samsung source code.
Source: China Securities Company
It is said that the leaked data in this batch includes: the source code of each trusted applet (TA) installed in Samsung TrustZone environment for sensitive operation (such as hardware encryption, binary encryption and access control), all biometric unlocking device algorithms, the source code of boot loader of all the latest three-star devices, the source code of Samsung activation server For the complete source code (including API and services) of the technology used to authorize and verify Samsung accounts, confidential source code from Qualcomm, etc. lapsus $divides these materials into three compressed files for external download through the point-to-point network however, so far, the hacker organization has not asked for ransom.
Source: China Securities Company
It is worth mentioning that lapsus $is the hacker organization of chip blackmail giant NVIDIA
It is reported that, as an emerging hacker organization, lapsus $is currently demonstrating its strength by attacking various large technology companies. Lapsus $has hacked the official website of a newspaper and a TV channel under impresa group, Portugal's largest media collection. The incident has also become one of the largest cyber security incidents in Portugal's history. In addition, lapsus $also hacked the Brazilian Ministry of health and two South American telecom operators Claro and embratel.
According to Jimu news, on March 17, Japan's Kyodo news agency quoted the survey results of American enterprises as showing that in 2021, computer hackers carried out cyber attacks on some enterprises and groups through "blackmail software" and demanded "ransom" for at least US $602 million
According to Kyodo news agency reports, these ransoms paid to hackers are mostly paid in the form of encrypted assets (virtual currency), which is difficult to track, the whole process does not know who or where the other party is, and if the alarm is likely to interrupt the business, the gains outweigh the losses.
Therefore, many enterprises and groups have to pay ransom to hackers in order to maintain the normal development of business.
the world is facing a "wave of hacker attacks"
strengthening network security is urgent
The Russian government said on Thursday that Russian government websites and official media are facing an "unprecedented" wave of hacker attacks, prompting regulators to filter information from abroad
In view of the frequent hacker attacks in the United States, the U.S. government has more frequently stated that it should strengthen network security work in various fields to meet the long-term challenges related to network attacks, including investing in education to cultivate more talents in network security and maintain the status of the United States in innovative technology.
In this context, network security has been paid more and more attention by governments all over the world, and the Chinese government is no exception at this year's two sessions, a number of representatives also made proposals on data and network security
Zhou Hongyi, member of the National Committee of the Chinese people's Political Consultative Conference and founder of 360, suggested to plan and build the industry digital security system at the same time; Research and build a forward-looking digital security platform system for new digital technologies and application scenarios; It is suggested that the city should be the main body, and the government should make an overall plan to build the urban level digital space security infrastructure and emergency system.
Lin Yong, deputy to the National People's Congress and member of the Central Committee of the China Democratic National Construction Association, suggested to clarify the attributes of various rights such as data ownership, use right, processing right, control right and income right, and determine the relevant rights and responsibilities of the owners of various data rights; Formulate national administrative regulations on information security in the field of non network data transactions; In the implementation of the project of "counting from the east to the west", strengthen the construction of supporting laws and regulations system of National Computing hub nodes and data center clusters, strengthen information security protection and prevent illegal data leakage.
The Guolian Securities Co.Ltd(601456) research report shows that according to the prediction of IDC (International Data Corporation), with the special attention paid to network security in the world, by 2025, the scale of global network security industry is expected to reach 211.4 billion US dollars, which is about more than 13000 billion US dollars if converted into RMB at the current exchange rate.
