Security

Toyota rear-ended by twin cyber attacks that left ransomware-shaped dents

Oh what a feeling, and in the same week as automaker announced new production pauses


Toyota has admitted to a pair of cyber-attacks.

The first hit the European operations of its subsidiary Daihatsu Diesel Company, a Toyota-owned company entity that designs engines. In a statement [PDF] dated May 16th, Daihatsu said it “experienced a problem in accessing its file server in the internal system on 14 May 2021.”

“After a brief investigation, a cyber-attack by an unauthorised access from a third party was confirmed as a cause of this issue,” the statement adds. Daihatsu stopped whatever it was spreading to other offices, kicked off an investigation and promised an update. None has been forthcoming at the time of writing.

Numerous Japanese outlets, meanwhile, are reporting that Toyota subsidiary Auto Parts Manufacturing Mississippi has revealed a ransomware attack. The reports say that some financial and customer data was exfiltrated and exposed, a tactic that ransomware purveyors use to gain leverage for their financial demands. Auto Parts Manufacturing Mississippi has not paid and was not disrupted, the reports say.

Toyota’s tech woes come on top of its decision to halt three production lines in two plants for several days in June, lack of parts. While the automaker’s announcement doesn’t mention a shortage of silicon, it’s widely accepted that’s the case.

Toyota Japan has apologised for the production problems, but also pointed out it has 29 production lines at 14 plants, so this slowdown isn’t a major reduction in output. ®

Send us news
5 Comments

Amazon investors nuke ethics overhaul and say yes to $212m CEO pay

Workplace safety, labor organizing, sustainability and, um, wage 'fairness' all struck down in vote

Amazon CEO Andy Jassy's first shareholder meeting was a rousing success for Amazon leadership and Jassy's bank account. But for activist investors intent on making Amazon more open and transparent, it was nothing short of a disaster.

While actual voting results haven't been released yet, Amazon general counsel David Zapolsky told Reuters that stock owners voted down fifteen shareholder resolutions addressing topics including workplace safety, labor organizing, sustainability and pay fairness. Amazon's board recommended voting no on all of the resolutions.

Jassy and the board scored additional victories in the form of shareholder approval for board appointments, executive compensation and a 20-for-1 stock split. Jassy's executive compensation package, which is tied to Amazon stock price and mostly delivered as stock awards over a multi-year period, was $212 million in 2021. 

Continue reading

Confirmed: Broadcom, VMware agree to $61b merger

Unless anyone out there can make a better offer. Oh, Elon?

Broadcom has confirmed it intends to acquire VMware in a deal that looks set to be worth $61 billion, if it goes ahead: the agreement provides for a “go-shop” provision under which the virtualization giant may solicit alternative offers.

Rumors of the proposed merger emerged earlier this week, amid much speculation, but neither of the companies was prepared to comment on the deal before today, when it was disclosed that the boards of directors of both organizations have unanimously approved the agreement.

Michael Dell and Silver Lake investors, which own just over half of the outstanding shares in VMware between both, have apparently signed support agreements to vote in favor of the transaction, so long as the VMware board continues to recommend the proposed transaction with chip designer Broadcom.

Continue reading

Perl Steering Council lays out a backwards compatible future for Perl 7

Sensibly written code only, please. Plus: what all those 'heated discussions' were about

The much-anticipated Perl 7 continues to twinkle in the distance although the final release of 5.36.0 is "just around the corner", according to the Perl Steering Council.

Well into its fourth decade, the fortunes of Perl have ebbed and flowed over the years. Things came to a head last year, with the departure of former "pumpking" Sawyer X, following what he described as community "hostility."

Part of the issue stemmed from the planned version 7 release, a key element of which, according to a post by the steering council "was to significantly reduce the boilerplate needed at the top of your code, by enabling a lot of widely used modules / pragmas."

Continue reading

Campaigners warn of legal challenge against Privacy Shield enhancements

Schrems III on the cards unless negotiators protect better oversight of US data access requests

European privacy campaigner Max Schrems is warning that enhancements to the EU-US Privacy Shield data-sharing arrangements might face a legal challenge if negotiators don't take a new approach.

In an open letter, Schrems – the lawyer behind the Schrems II ruling which put an end to the transatlantic data-sharing agreement – said that US assurances of EU citizens' data privacy would be insufficient to avoid another legal challenge.

"We understand that the US has rejected any material protections for non-US persons and is continuing to discriminate against non-US persons by refusing baseline protections, such as judicial approval of individual surveillance measures," the lawyer wrote.

Continue reading

Windows Subsystem for Linux 2 splashes down on Win Server 2022

I don't think it's going to happen, I don't think it's going to happen... It happened

Windows Server 2022 now supports Windows Subsystem for Linux 2, as long as you don't mind installing a preview patch.

Less than a week after users posted glum comments such as: "I don't think it's going to happen," it did, with the news coming from Microsoft Program Manager Craig Loewen last night.

Continue reading

'Sharp' chip inventory correction looms on horizon, warns investment banker

Double ordering, overheating of semiconductor sector, inflation, growing stockpiles = trouble ahead

The chip industry is on course for an inventory correction in the second half of 2022 or early 2023 with steep inflation, signs of end-user demand slowing, and companies building stockpiles among the causes.

This is according to a report from analysts at Jefferies Group, which advises investors on where to place their bets. And seemingly the smart money isn't currently on all suppliers in the semiconductor sector.

Infineon and STMicroelectronics, for example, were de-rated by the Group in February to an "underperform recommendation." It said today this was in the expectation that the share price of those companies wobbles before calendar year-end "as they price-in likely earnings cuts in 2023 from an inventory correction."

Continue reading

Elon Musk needs more cash for Twitter buy after Tesla margin loan lapses

Entrepreneur now looking at $33.5b bill if he wants to complete $44b purchase

Elon Musk must personally secure $33.5 billion to fund his $44 billion Twitter purchase after allowing a $12.5 billion margin loan against Tesla stock to expire.

Regulatory filings released Wednesday show the Tesla and SpaceX boss agreeing to secure "an additional $6.25 billion in equity financing" on top of the original $27.3 billion.

The Tesla boss's Twitter purchase originally relied on $21bn of equity that he had to provide along with $12.5bn in margin loans secured by his Tesla stock. That margin loan was dropped to $6.25bn on May 5, and this additional financing would eliminate it altogether.

Continue reading

UK government reviewing stake in BT owned by French tycoon Patrick Drahi

First use of National Security and Investment Act powers as Altice owner looks poised to increase stake further

The UK government has kicked off a national security assessment on the investment in BT by French telco tycoon Patrick Drahi, who via his Altice UK organisation topped up his stake to 18 percent late last year.

Announced today, the probe is understood to be one of the first such uses of new powers the UK government granted itself under the National Security and Investment Act, which came into force at the start of the year.

In a statement, the government said the acquisition by Altice UK in December of a further 6 percent of shares in BT was called in for a full national security assessment by Business Secretary Kwasi Kwarteng.

Continue reading

Minimal, systemd-free Alpine Linux releases version 3.16

A widespread distro that many of its users don't even know they have

Version 3.16.0 of Alpine Linux is out – one of the most significant of the many lightweight distros.

Version 3.16.0 is worth a look, especially if you want to broaden your skills.

Alpine is interesting because it's not just another me-too distro. It bucks a lot of the trends in modern Linux, and while it's not the easiest to set up, it's a great deal easier to get it working than it was a few releases ago.

Continue reading

Verizon: Ransomware sees biggest jump in five years

We're only here for DBIRs

The cybersecurity landscape continues to expand and evolve rapidly, fueled in large part by the cat-and-mouse game between miscreants trying to get into corporate IT environments and those hired by enterprises and security vendors to keep them out.

Despite all that, Verizon's annual security breach report is again showing that there are constants in the field, including that ransomware continues to be a fast-growing threat and that the "human element" still plays a central role in most security breaches, whether it's through social engineering, bad decisions, or similar.

According to the US carrier's 2022 Data Breach Investigations Report (DBIR) released this week [PDF], ransomware accounted for 25 percent of the observed security incidents that occurred between November 1, 2020, and October 31, 2021, and was present in 70 percent of all malware infections. Ransomware outbreaks increased 13 percent year-over-year, a larger increase than the previous five years combined.

Continue reading

Slack-for-engineers Mattermost on open source and data sovereignty

Control and access are becoming a hot button for orgs

Interview "It's our data, it's our intellectual property. Being able to migrate it out those systems is near impossible... It was a real frustration for us."

These were the words of communication and collaboration platform Mattermost's founder and CTO, Corey Hulen, speaking to The Register about open source, sovereignty and audio bridges.

"Some of the history of Mattermost is exactly that problem," says Hulen of the issue of closed source software. "We were using proprietary tools – we were not a collaboration platform before, we were a games company before – [and] we were extremely frustrated because we couldn't get our intellectual property out of those systems..."

Continue reading