Another week, and another major manufacturer falls victim to a ransomware attack. This time around, Kia Motors America, headquartered in Irvine, CA with nearly 800 dealers in the USA and cars/SUVs manufactured out of West Point, Georgia, was the target.

The ransom demand is significant, according to a post on Bleeping Computer, “To prevent the leak of the data and receive a decryptor, DoppelPaymer is demanding 404 bitcoins worth approximately $20 million. If a ransom is not paid within a specific time frame, the amount increases to 600 bitcoins, or $30 million.”

“DoppelPaymer and others are immensely more profitable when they target large organizations and disrupt their critical IT operations – in this case, KIA’s mobile UVO Link apps, payment systems, owner’s portals and internal dealership sites,” he says. “These ransomware scenarios should be factored into an organization’s incident response and business continuity plans. Beyond a technical response, decision makers need to be prepared to weigh the risks and consequences of alternate actions. Ransomware threat actors typically rely on spear phishing links or vulnerable public services to gain initial entry into a network. Afterward, they move laterally to gain access to as many nodes of the network as possible, allowing them to increase the magnitude of the disruption.”

Promero 24/7 Security Monitoring Services helps protect your organization.