Recently, German media reported that some hackers suspected to have ties with the Vietnamese government have tried to gain access to the network of two car manufacturers, namely BMW and Hyundai.
Their main intention was stealing automotive trade secrets. The attacker has installed a penetration testing tool called Cobalt Strike on one of the infected pc which acts as a backdoor for them. BMW had cleverly allowed attackers to persist on their network and keep an eye on their every move till the end of November.
Neither BMW nor HYUNDAI had commented about the article published by the BR media outlet.
It is assumed that behind this invasion attacks there is a hacking group known for the automobile industry, called Ocean Lotus (or APT32). It is believed that the attack has been carried on support of the Vietnamese government. Earlier also the same organization is behind the attack on Toyota Australia, Toyota Japan, and Vietnam Toyota. This group is active since 2014 and known for many attacks under Vietnam.
We have implemented structures and processes that minimize the risk of unauthorized external access to our systems and allow us to quickly detect, reconstruct, and recover in the event of an incident,The carmaker said in a general statement.
According to reports Vietnam is using these hacking practices to steal foreign intellectual property and use it for the state-funded organization. These practices were also practiced by China hacking groups to acquire sensitive information about the airplane manufacturing sector.
The OceanLotus group has already become important, and we should keep an eye on its evolution, especially because of the target range automotive industry
Said a spokeswoman.