Even as losses mount, Jaguar Land Rover said it will extend until at least October 1 the production shutdown triggered by a cyberattack last month. The incident comes at a time when a growing number of other automakers are struggling to fend off hackers. Headlight.News has more.
Hackers have stepped up attacks on the auto industry.
Jaguar Land Rover’s global production network will remain idled until at least October 1, the automaker extending for a week the shutdown triggered by a cyberattack late last month.
The situation highlights the fact that a growing number of automakers, most recently including BMW and Stellantis, are struggling to fend off attacks by hackers that, at least in some cases, may be linked to criminal groups in Russia, North Korea and other rogue states.
Industry analysts estimate the production shutdown at JLR is generating losses of at least $70 million a week through lost sales. It also is impacting tens of thousands of jobs, both at the automaker and throughout its supply chain.
The latest
The JLR Solihull plant is one of the production sites idled since August 31.
Hackers launched a cyberattack against JLR on August 31. It quickly brought the company to its knees, halting production at a global network, with plants in Slovakia, Brazil, India and China, as well as the UK.
JLR, which is owned by India’s Tata Motors, has said little about the incident and it is unclear whether it’s a case of ransomware, where hackers take control of a computer network and will only release access to critical software and data once they’re paid off. A ransomware attack against automotive data service provider CDK Global last year only ended with what was widely believed to be a payment of $25 million.
What is clear is that JLR was unable to resume operations, as initially expected, on September 24. It has now extended the shutdown through October 1, though some industry analysts have warned it could extend into November.
Broad impact
Thousands of JLR workers, including these at the Solihull plant, have been idled. But so have thousands of supplier employees.
In a statement, JLR said it extended the production restart “to give clarity for the coming week as we build the timeline for the phased restart of our operations and continue our investigation.”
The shutdown has effectively left JLR without an income stream since its earnings come from sales to dealers, rather than consumers. The losses are reportedly mounting as the company normally produces about 1,000 vehicles a day. The hit to the balance sheet, by various estimates, is running around $70 million a week.
All told, JLR employs about 30,000 people worldwide. It hasn’t said how many of those, beyond line workers, have been idled. But the impact extends far beyond the company itself, with tens of thousands of other workers now idled at suppliers. Complicating matters, JLR is struggling to come up with cash to pay what it already owes those vendors.
More Auto News
- Stellantis, BMW, Jaguar Targeted by Hackers
- CDK Pays $25 Million to End Cyberattack
- High-Tech Autos Take the Stage
Hackers target other automakers
The BMW attack came through a third-party vendor.
The JLR cyberattack comes at a time when cyber criminals are escalating their attacks on businesses, government offices, utilities and even individuals. Automakers provide a wide range of doorways through which hackers might be able to gain access, said Sam Abuelsamid, lead analyst with Telemetry Research. And they have deep pockets out of which cyber criminals hope to take cash.
BMW is one of the latest automakers to be targeted, in this case by Everest, a notorious cybergang with ties to Russia. On September 14, the hacker group’s blog reported that it obtained “Critical BMW Audit Documents.” A countdown timer gave the Bavarian automaker just a matter of days to meet its demands before the group said a “recording” would be released.
Officially, BMW has said little about the attack but a senior company source, asking to speak on background, told Autoblog that it actually was a third-party vendor whose “system was compromised.” The attack did yield some documents, the BMW official said, but insisted they are of little use, adding that “All systems, including production, are fully operational for us.”
Then, on Sunday, September 21, Stellantis revealed one of its vendors, “a third-party service provider’s platform that supports our North American customer service operations,” had also been hit with a cyberattack. In this case, some basic customer information, including names and contact information, were accessed, Stellantis acknowledged in a statement on its website. But it claims more personal information, including social security and credit card numbers, were not obtained by the hackers.
0 Comments