Renault and Nissan have been attacked by online hackers, affecting production at Nissan's Sunderland factory.
The attacks are reported to have been carried out by the same group which attacked the NHS this week. The BBC reports Renault is the first French company to be affected by the cyber attack, which steals and encrypts files and documents, before demanding a fee of $300 (around £230) to de-crypt them. In total, around 75,000 systems in 99 countries are believed to have been affected.
A Renault UK spokesman said: "Groupe Renault confirms it was impacted by the global cyber attack that began late on Friday May 12. It consists of a Ransomware virus. Proactive measures were taken immediately in order to stop the spread of the Virus and protect the group. A full diagnosis is in progress in order to put in place the appropriate solutions to resume operations."
Nissan's Sunderland plant, where the Nissan Qashqai and Infiniti Q30 are made, has also been affected.
"Like many organisations our plant was subject to a ransomware attack affecting some of our systems on Friday evening," said a spokesman. "We are working to resolve the issue."
Most affected organisations so far have been state owned. Renault is part-owned by the French government, while other targets include the NHS and Russian state-owned rail services. It's unknown who is behind the global attack, and Europol is investigating. Nissan is part of the Renault-Nissan Alliance partnership.
Read more:
Car hacking: how cyber security is stepping up
Harman demonstrates first ever live car hack at CES
Autonomous cars to have ‘thousands of security risks’
Tesla responds to Model S hacking by Chinese security company
New simulator to combat threat of autonomous car hacking
Volkswagen locking software hacked by researchers, millions of cars implicated
*/
Join the debate
Add your comment
Not just XP
There's a lot of blame to be distributed here, really. Of course, the hackers are mostly responsible, but it needs saying that corporate victims are victims of their own employers weak IT governance which had not ensured these critical patches had been applied. It's like they left a back door unlocked and carried on regardless, despite this vulnerability (and the patch) being well publicised over the last month. So it's OK to feel sorry for them, but at the same time, someone should get fired for this at every corporate or institutional victim, because they didn't do their job.
Also leading the list of villains is the US National Security Agency, which found this vulnerability and had been using it for perhaps years to covertly access computer systems around the world without disclosing it to anyone, because they didn't want it fixed. And then it got leaked, and the rest is history.
Hacking