A Vietnamese group supported by the authorities compromised BMW and Hyundai. So, the giants’ networks were under cyber-attacks for months, recently.
“Ocean Lotus” (code name APT32) has been operational for a few years. In the spring, it infiltrated the network of the German car giant. Then, it installed a pen testing tool known – Cobalt Strike. Thus, they managed to remotely spy on the machines.
BMW’s cybersecurity team managed to detect the attack and monitored the group’s activity. According to Bayerischer Rundfunk, BMW’s team managed to kick the attackers out in early December.
“We have implemented structures and processes that minimize the risk of unauthorized external access to our systems and allow us to quickly detect, reconstruct, and recover in the event of an incident,” the car maker announced.
Allegedly, the hackers might have been looking for trade secrets. So, they were trying to help develop the privately owned Vietnamese automotive start-up VinFast. At the moment, this depends almost 100% on the German manufacturers.
Although Hyundai’s corporate network was apparently also targeted, there are no details about that.
BMW and Hyundai were not random targets
APT32 also targeted political activists and free speech supporters inside across south-east Asia, according to FireEye. But it usually conducts cyber-espionage activities and targets foreign businesses with interests in Vietnam’s manufacturing, consumer products and hospitality sectors.
“The targeting of private sector interests by APT32 is notable, and FireEye believes the actor poses significant risk to companies doing business in, or preparing to invest in [Vietnam],” the security vendor said.
“While the motivation for each APT32 private sector compromise varied—and in some cases was unknown—the unauthorized access could serve as a platform for law enforcement, intellectual property theft or anti-corruption measures that could ultimately erode the competitive advantage of targeted organizations,” FireWire mentioned.
The fact that they compromised BMW and Hyundai proves that the group is very daring when planning its attacks.