A gaggle of younger English-speaking hackers are claiming to be behind the cyber assault which has halted the worldwide manufacturing strains of Jaguar Land Rover (JLR).
The group is bragging concerning the hack on the messaging app Telegram, sharing screenshots apparently taken from contained in the automotive maker’s IT networks.
The gang can also be accountable for a wave of cyber assaults on UK retailers together with M&S within the spring – and are calling themselves “Scattered Lapsus$ Hunters”.
“The place is my new automotive, Land Rover,” the hackers – who’re considered teenagers – posted to taunt the corporate.
JLR advised the BBC it was conscious of the claims and was investigating.
In non-public textual content conversations with one of many criminals, who claims to be a spokesperson for the group, they defined how the gang allegedly accessed the automotive maker.
It is understood they’re now attempting to extort the agency for cash.
However the hacker wouldn’t say if they’ve efficiently stolen non-public knowledge from JLR or put in malicious software program onto the corporate’s community.
The hacker would not present any extra proof – and all these felony gangs are identified to magnify to get consideration.
However two photographs posted by the group present obvious inside directions for troubleshooting a automotive charging challenge and inside pc logs.
One safety professional has speculated the screenshots counsel the criminals have entry to info they need to not have.
“Based mostly on the data supplied by the attackers and open supply intelligence, the assault has entry to JLR’s inside techniques and community,” safety researcher Kevin Beaumont stated.
A spokesperson for the Info Commissioner’s Workplace stated: “Jaguar Land Rover has reported an incident and we’re assessing the data supplied.”
Automotive manufacturing at websites together with the Halewood plant in Merseyside and one other in Solihull have been closely disrupted because the assault was found on Sunday.
Workers have been despatched residence and JLR has stated it is working to get manufacturing again on-line.
The corporate has not disclosed the character of the assault.
“We took instant motion to mitigate its affect by proactively shutting down our techniques, it stated in an announcement.
“We are actually working at tempo to restart our world purposes in a managed method.
“At this stage there is no such thing as a proof any buyer knowledge has been stolen however our retail and manufacturing actions have been severely disrupted.”
The hackers selected the identify Scattered Lapsus$ Hunters to mirror the merging of assorted youth-orientated cyber criminals who’re all related to a community referred to as The Com.
Earlier this 12 months the Nationwide Crime Company warned of the rising risk from cyber criminals in The Com.
The newly named group is a mix of hackers who’ve been a part of the teams Shiny Hunters, Lapsus$ and Scattered Spider – all infamous younger hacking teams of the previous couple of years that emerged from The Com.
The Telegram channel utilized by the criminals now has practically 52,000 subscribers. The group has been bragging about hacks and sharing incomprehensible in-jokes for days.
It is the fourth such Telegram channel as earlier ones have been closed down.
Scattered Spider is identify of a loosely linked group of hackers accountable for excessive profile assaults on M&S, Co-op and Harrods in April and Could.
In July the Nationwide Crime Company arrested 4 individuals in connection to the hacks.
A 20-year-old girl was arrested in Staffordshire, and three males – aged between 17 and 19 – have been detained in London and the West Midlands. All have since been launched on bail.
