Ransomware Attack Affects Parts & Service Network for 15,000 Auto Dealerships

[zzyzzx]

At a previous job that was one of the things a security test did. Dropped random USB drives in the parking lot and check to see if anyone plugs them in.
Thankfully, no one did.

Free USB drive to take home, and reformat on my Linux desktop.

 

[zzyzzx]

Is this a bios setting or is there an actual physical device that occupies the USB slot?

It's a program that prevents USB ports from working unless it's a mouse or keyboard.

 

[Dave Hess]

Talk about coincidence.

We just got hit with ransomware because some user decided to plugin their infected USB drive. Fun fun fun. There goes my weekend.

Did boss fire the idiot ?

 

[Hall]

Is this a bios setting or is there an actual physical device that occupies the USB slot?

On Windows systems, admins can disable it via a "policy" (basically a setting).

 

[Pew]

Have you checked to see if your AV solution can disallow USB mass storage on endpoints? Previous org had that through the AV and we'd allow specific HWIDs for specific approved USB drives but there were like a total of 10 we allowed. Otherwise It'd just shut it down and alert us.

Is this a bios setting or is there an actual physical device that occupies the USB slot?

Yes thankfully our AV programs gives me cloud control over all attached devices with the HWID. Unfortunately, we have so many devices between 4 departments but work is work.

Did boss fire the idiot ?

I know who it is but we haven't gotten that far in the conversation. I'll keep it confidential, unless asked who by the c suites.

 

[B6_Dolphin]

YTuber "Samit" recently posted his opinion on the CDK ransomware attack:



Crib notes version - he believes it was ransomware, not blackmail, and CDK is guilty of not backing-up their data.

 

[B6_Dolphin]

Went back yesterday to my dealership to set-up an appointment for some warranty work on my '23 Audi RS5. SA told me their systems have about 80% functionality. I was able to get scheduled AND I was notified via text regarding my appointment date. However, you still cannot set-up an appointment through their website - it has to be done in-person or on the phone.

Fun times!

 

[Delta]

They finally got the online scheduling system up and running for my local Toyota dealer. Been needed to bring the Camry in and just waited it out as I didn't want to call in person

 

[Pew]

We're finally coming back online after our own ransomware attack on the 5th. On the good side, we basically had a fresh slate to redo the system. I definitely do not envy the companies that were unable to recover and had to pay the ransom.