Kia Motors allegedly suffers a ransomware attack

Hackers demanding a $20 million ransom to release a decryptor

Kia sign with a red background

Kia Motors America has been hit with a $20 million ransom by the hackers behind the DoppelPaymer ransomware.

The attack has taken the car manufacturer’s systems offline, and the gang has threatened to leak sensitive information if the company didn’t pay up. So far, the attack has seen a nationwide outage of internal websites used by dealers. Kia Motors 

A ransom note sent to Kia’s parent company, Hyundai Motor America, and seen by Bleeping Computer said to prevent the data leak and receive a decryptor, the company must pay the hackers 404 bitcoins (approximately $20 million). If Kia fails to pay, the ransom increases to 600 bitcoins (roughly $30 million).

According to reports, DoppelPaymer hackers haven’t said what data they’ve stolen.

Kia Motors America denied that it suffered a ransomware attack but did admit it was “experiencing an extended systems outage.”

Sam Curry, chief security officer at Cybereason, told ITPro if news reports are accurate, Kia Motors has long since passed the panic mode in dealing with a massive ransomware attack that has affected operations for more than five days.

“From afar, it appears the attackers have taken Kia Motors to its knees. Think about the scale of the problem for a company of this size with tens of thousands of employees and thousands of dealerships. Every additional hour and day they are incapacitated is costing the company tens of millions of dollars that will not be recouped,” Curry said.

Natalie Page, threat intelligence analyst at Talion, told ITPro DoppelPaymer is a problematic strain we’ve seen successfully infiltrate numerous large-scale global organizations recently. It’s infamous for its initial immense ransom demands, often negotiated to a much smaller amount if the organization chooses to pay.

“Unfortunately for Kia there is no guarantee that if the ransom is paid, DopplePaymer’s operators shall not leak any sensitive data,” she said. “Whichever eventuality the company selects, as stressful as the situation will currently be for Kia, for the salvation of the company’s reputation the priority going forward needs to be their clients and shareholders. Communication is key.”

Featured Resources

2021 Thales access management index: Global edition

The challenges of trusted access in a cloud-first world

Free download

Transforming higher education for the digital era

The future is yours

Free download

Building a cloud-native, hybrid-multi cloud infrastructure

Get ready for hybrid-multi cloud databases, AI, and machine learning workloads

Free download

The next biggest shopping destination is the cloud

Know why retail businesses must move to the cloud

Free Download

Recommended

Marsh McLennan reveals its cyber risk analytics center
risk management

Marsh McLennan reveals its cyber risk analytics center

15 Oct 2021
£100 contactless payment limit could place shoppers at risk, warn industry experts
Policy & legislation

£100 contactless payment limit could place shoppers at risk, warn industry experts

15 Oct 2021
Hackers used MSHTML exploit a week before patches were ready
zero-day exploit

Hackers used MSHTML exploit a week before patches were ready

14 Oct 2021
Hackers fake DocuSign and offer fraudulent signing methods
document management systems (DMS)

Hackers fake DocuSign and offer fraudulent signing methods

14 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Veritas Backup Exec 21.3 review: Covers every angle
backup software

Veritas Backup Exec 21.3 review: Covers every angle

14 Oct 2021
HPE wins networking contract with Birmingham 2022 Commonwealth Games
Network & Internet

HPE wins networking contract with Birmingham 2022 Commonwealth Games

15 Oct 2021