Kia Customers Out in the Cold
While KIA is not disclosing details about the cause of the interruption, KIA customers have noticed and are taking to social media to try and find answers. Over the weekend social media posts described the fallout of the outage felt by KIA customers.
Particularly those during extreme winter weather conditions who were unable to access features; like remote start on their cars because the app was down. The KIA Motors account responded with this vague apology, without giving much detail, on Feb. Groups like DoppelPaymer are experts at figuring out how to cause their victims the most pain to get them to pay up; Erich Kron from KnowBe4 explained.
“In this case, the attack has impacted many significant IT systems, including those needed for customers to take delivery of their newly purchased vehicles. This could cost the organization a considerable amount of money as well as reputation damage; with current and potential customers,” Kron said.
Beyond hobbling critical operations, ransomware threat actors have learned how to add on the pressure to companies. Threatening that their most sensitive stolen data could be exposed on well-known leak sites, if they don’t pay up fast.
“Like so many modern types of ransomware, DoppelPaymer. Not only cripples the organization’s ability to conduct business but also extracts sensitive data that is used for leverage against the victim; to get them to pay the ransom,” Kron explained. ” “Unfortunately, with very few exceptions, once the data has left the organization, a data breach has occurred, and the organization will be subject to regulatory and other fines as a result. “The ironic thing is that enterprises can avoid the threat of leaked hijacked data simply by taking a data-centric approach to protecting sensitive information,” Morgan said.
“Using tokenization or format preserving encryption, businesses can obfuscate any sensitive data within their data ecosystem; rendering it incomprehensible no matter who has access to it. These reports should all be treated as cautionary tales, as an enterprise might find themselves in the same boat; without the proper data centric approach.”