It appears BMW’s agreement with Vietnam’s VinFast has made the company a target of hackers attempting to steal trade secrets.
According to Bayerischer Rundfunk, a hacker group known as OceanLotus targeted BMW this spring. As part of the operation, hackers installed a tool called Cobalt Strike and then used it to attempt to gather confidential information.
Security experts at BMW caught wind of this and reportedly spent several months monitoring the hackers before cutting off their access this month. Thankfully, the attack appears to have been a failure as a security expert said the hackers likely didn’t get sensitive information and wouldn’t have been able to access systems at the company’s headquarters in Munich.
BMW didn’t say much about the incident, but told BR “We have implemented structures and processes that minimize the risk of unauthorized external access to our systems and allow us to quickly detect, reconstruct, and recover in the event of an incident.”
OceanLotus has reportedly been operating since 2014 and is believed to be to be a state-sponsored hacking group supported by Vietnam. While that connection isn’t definitive, the group often targets Vietnamese dissidents and countries that Vietnam sees a potential rival or threat.
The group is also said to have targeted Hyundai, but little is known about that particular effort. It also remains unclear if any other automakers were targeted.
That latest hack shouldn’t come as much of a surprise as the FBI warned auto companies they could be targets of “ransomware infections, data breaches leading to the exfiltration of personally identifiable information, and unauthorized access to enterprise networks.” At the time, the FBI said several of these attacks have been successful and they allowed hackers to steal sensitive information, conduct illegal wire transfers and receive ransom payments.