Who seems more likely to win: a company born from the merger of two automotive manufacturers established in the 1930s and 1940s, or a cybercrime group composed of a bunch of teenagers who have been wreaking havoc on the tech industry since 2020?
That was a rhetorical question — the teenagers have already won. Liverpool Echo reported yesterday that Jaguar Land Rover "workers have been told to stay away from work until at least [Sept. 9] as the car manufacturing giant continues to reel from a huge global cyber crisis" that forced it to halt production on Sept. 1.
ITV News reported that the hack has affected Jaguar Land Rover's global operations. "No vehicles have been built since Sunday at any of the company’s factories in Solihull, Halewood, Wolverhampton or Castle Bromwich," the outlet said, adding that "production has also been suspended in Slovakia, China, India and Brazil."
BBC reported on Sept. 2 that a group calling itself "Scattered Lapsus$ Hunters" claimed responsibility for the hack. That name is a combination of three well-known hacking groups: the Scattered Spider group, partly responsible for the 2023 hacks of MGM Resorts, Caesars Entertainment, and other companies; the Lapsus$ group that popped Nvidia, Samsung, and Microsoft from 2021-2022; and the ShinyHunters group that has repeatedly hacked AT&T Wireless and other companies since 2020.
These groups are prolific, and even though several members of Lapsus$ have been convicted for their roles in some of their previous campaigns, they have apparently concluded that they can continue to wreak havoc despite having the attention of practically the entire cybersecurity industry and global law enforcement agencies.
Their confidence doesn't end there. BBC reported that "in private text conversations with one of the criminals, who claims to be a spokesperson for the group, they explained how the gang allegedly accessed the car maker."
It's somewhat telling that the multi-billion-dollar cybersecurity industry, to say nothing of the companies that have fallen victim to Scattered Lapsus$ Hunters and its progenitors, continues to struggle against teenagers who primarily rely on social engineering tactics and known vulnerabilities while bragging about their exploits.
To add insult to injury, prominent security professional Kevin Beaumont said in a Mastodon post that "they'll frequently not even bother to deploy ransomware, they'll also do crazy things (and like to write about poo, and send people poo packages in the mail) [... it's] basically like fighting Mr Bean, who is also good at computers."
Follow Tom's Hardware on Google News, or add us as a preferred source, to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button!
