4th March: Germany and UK raise Cyber threat level ++ 14 Toyota factories shut down ++ New US legislation forces reporting of cyberattacks and ransomware

Germany and UK raise Cyber threat level

BSI, Germans Federal Office for Information Security, as well as its British counterpart, National Cyber ​​Security Centre (NCSC) have officially raised the national cyber threat level.

BSI states that there is no direct threat detected, but the situation can change quickly. It has reached out to government institutions and companies in the KRITIS sector and warned them to remain vigilant. According to reports from last week, Poland and Lithuania have raised their threat levels as well.

This happens in light of the current situation in Ukraine. It is possible, that cyberattacks sabotaging Ukrainian infrastructure might spill over to other countries – due to the connectedness of servers and services.

The number of reported incidents seems to be rising after the escalation of the conflict in Ukraine, some sources calling it a “Cyber War”. Official statements and proof on whether the attacks are linked to the conflict are still rare. Hacker collectives such as Anonymous claim to be undertaking successful attacks on Russia. The hacker collectives warn from severe attacks on critical infrastructure and consider their attacks a sign of solidarity.

Sources:
tagesschau.de
bsi.bund.de
netzpolitik.org
ncsc.gov.uk

14 Toyota factories shut down for one day after attack on supplier

After a cyberattack on the Japanese automotive supplier Kojima, Toyota had to halt operations at 14 plants for one day, resulting in 13.000 less cars produced. This amounts to approximately one third of Toyota’s global production.

According to Kojima Industries a server problem was found last Saturday. After rebooting the server the infection was detected. Kojima announced on Tuesday morning that it has received ransom demands and confirmed the existence of a virus.

Many of Toyota’s suppliers are directly connected to the company’s kanban just-in-time production control system – which in this case allowed the problem to spread from the supplier to the automaker’s production lines. In order to prevent long-term damage, Toyota halted production for one day and prioritized inspection and recovery of the system.

The Japanese government is following the incident closely due to worries about small and mid-level companies that often do not have enough cybersecurity measures in place. Toyota’s operations in Japan encompass a supply chain of 60,000 companies across four tiers.

Neither the attackers nor the reason for the attack have been made public yet.

Sources:
cnn.com
asia.nikkei.com
threatpost.com
bugsfighter.com

New US legislation forces reporting of cyberattacks and ransomware

On Tuesday, the American Senate passed a major cybersecurity legation, that will require owners of critical infrastructure as well as federal agencies to report all incidents to the Cybersecurity and Infrastructure Security Agency. The senate hopes that this bill will help facilitate greater cyber defense coordination

This action was taken after several severe incidents, for example the attack on Colonial Pipeline last May or the attack on a major US meat producer.

Among other things the legislation sets deadlines for the reporting of cyber incidents: attacks have to be reported within 72 hours, ransomware payments within 24 hours. Critics say that companies under attack might have other priorities than knowledge sharing. Generally, the legislation is considered an important step in the direction of strengthening US cyber security.  The Strengthening American Cybersecurity Act combines language from three bills, the Cyber Incident Reporting Act (CIRA), the Federal Information Security Management Act (FISMA), and the Federal Secure Cloud Improvement and Jobs Act (FSCIJA). It would require the government to take a risk-based approach to cybersecurity and also authorize the Federal Risk and Authorization Management Program (FedRAMP) to ensure federal agencies can adopt cloud-based technologies, according to CNN.

It still has to be approved by the House before it makes it’s way to Biden’s desk and becomes official.

Sources:
pymnts.com
thehackernews.com
cnn.com


Is cybersecurity a topic of interest for your company? As an independent entity with a portfolio of proven security providers, CyberCompare can provide you with comparative offers at no charge and with no obligation. Reach out to us or use our diagnostic to learn more about your cyber risk profile.

Please remember: this article is based our knowledge at the time it was written – but we learn more every day. Do you think important points are missing or do you see the topic from a different perspective? We would be happy to discuss current developments in greater detail with you and your company’s other experts and welcome your feedback and thoughts.

And one more thing: the fact that an article mentions (or does not mention) a provider does not represent a recommendation from CyberCompare. Recommendations always depend on the customer’s individual situation.