The data included several files such as Ferrari’s internal documents, repair manuals, datasheets, and more. The incident took place days after Ferrari signed on Bitdefender as their new cybersecurity sponsor for their Formula 1 racing team.
‘RansomEXX’ Swiped 7G of Data From Ferrari
The ransomware-as-a-service (RaaS) gang reportedly made off with nearly 7 GB of data, though the exact names and the types of the stolen files have not been publicly disclosed. The cybercriminal gang has released them in parts 500MB or smaller. The data was posted for free on the gang’s dark web data leak site on Oct. 2, 2022, according to Italian news portal Red Hot Cyber, which first reported the incident on Monday and posted screenshots of the stolen files. RansomwareEXX is one of the relatively more recent cybercriminal gangs, operating since 2020. RaaS gangs tend to operate via a commission-based business model. This is not the first time a hack has directly or indirectly affected Ferrari. In December 2021, the “Everest” ransomware group hacked Speroni SPA’s systems, a manufacturing company that sits within the supply chain of several carmakers, including Ferrari. Everest had then taken 850GB of sensitive data, including personal information, which was put up for sale on the dark web.
Ferrari’s Response, New Cybersecurity Partnerships
According to deep web intelligence, Dark Feed which Tweeted about RaaS gang BlackCat‘s ransomware attack on the U.S. federal government and the Department of Defense last week, the attack on Ferrari took place only four days after Ferrari’s Scuderi Ferrari division partnered up with cybersecurity firm Bitdefender. Replying to Dark Feed’s alert, a Twitter user remarked that this ransomware attack could have had something to do with Ferrari ending its relationship with its previous Russian cybersecurity sponsor, Kaspersky. In a response to Red Hot Cyber’s alert about the ransomware incident, Ferrari’s Corporate and Financial Communications departments said the organization sees no evidence of a breach of its systems, nor is there evidence of a disruption to its business. However, Ferrari said it is working on identifying the source of the event and will take all necessary actions. Are you interested in finding out how to protect your organization from ransomware attacks? Check out our full ransomware overview. Learn more about where stolen files relating to ransomware attacks are shared in our in-depth guide to the dark web.