A detailed investigation led by ZDF and Der Spiegel uncovered a significant data breach at Volkswagen (VW) which has been traced back to Chinese hackers.
This cyberattack, which has been underway between 2010 and 2015, saw the theft of crucial intellectual property, particularly focusing on e-mobility and automotive technologies.
Incident details
The espionage operation was first detected through a meticulous examination of over 40 internal documents and interviews with numerous insiders familiar with the case. It appears that the hackers targeted Volkswagen between 2010 and 2015, with a strategic focus on extracting detailed information about various automotive technologies, including internal combustion engines, transmission systems, and more innovatively, electric and hydrogen-powered vehicles.
Cybersecurity experts involved in the investigation managed to reconstruct the hack and identify the nature of the stolen data, which included about 19,000 documents related to key automotive innovations.
ZDF
Julia Klaus and Hakan Tanriverdi, who reported on the incident, highlighted the sophistication and persistence of the attacks, which were first initiated by probing VW’s IT infrastructure to find exploitable vulnerabilities. By 2011, the hackers had successfully penetrated the networks, with repeated data breaches occurring until 2014.
Implications for VW
The stolen data continues to have significant ramifications for the competitive landscape in the automotive industry, especially as German manufacturers like Volkswagen vie against Chinese companies in the electric vehicle market. According to Professor Helena Wisbert from Ostfalia University, who specializes in competitive strategies in the automotive industry, this stolen knowledge gives a considerable competitive edge and continues to play a “very large role” internationally.
In response to the breach, Volkswagen has confirmed the incident and emphasized their ongoing efforts to enhance IT security, acknowledging the importance of robust cybersecurity measures in the wake of the attack. The German Federal Office for Information Security (BSI), led by Claudia Plattner, also warned of ongoing risks to German industries from similar espionage activities.
This incident underscores the necessity for continuous improvement in cybersecurity practices among corporations, especially those with substantial intellectual property assets. This espionage act not only highlights the vulnerabilities that exist within large corporations but also the significant impact of cyberwarfare on global economic competitiveness.
Microsoft Uncovers APT28 Malware ‘GooseEgg’ used in Espionage Attacks
Leave a Reply