Contents:
On Monday, in a Form 8-K filing with the Securities and Exchange Commission (SEC), Navistar International Corporation declared it discovered a believable possible cybersecurity menace to its information technology system on May 20, 2021.
According to the organization, unknown threat actors have stolen private information from its network following the cyberattack.
Navistar International Corporation is an American holding company that operates as the owner of an International brand of trucks and diesel engines. The company also produces military vehicles through its Navistar Defense subsidiary along with bus production through IC Bus.
The organization stated that instantly took the necessary actions to control and lessen the impact of the data breach, and also started an inquiry into the problem, hiring security and forensics specialists.
Navistar also took measures to improve the protection of its IT infrastructure and keep the data contained inside safe and declares that its systems continued to operate at maximum capacity.
The company stated:
Upon learning of the cybersecurity threat, the Company launched an investigation and undertook immediate action in accordance with its cybersecurity response plan, including employing containment protocols to mitigate the impact of the potential threat, engaging internal and third-party information technology security and forensics experts to assess any impact on the Company’s IT System, and utilizing additional security measures to help safeguard the integrity of its IT System’s infrastructure and data contained therein.
Nevertheless, at the end of May, Navistar “received a claim that certain data had been extracted from” its network.
The company said it keeps investigating “and address the scope and impact of the cybersecurity incident” and has already contacted law enforcement on the matter. It also declared that the investigation is in progress and there are no further details at that moment.
The measures described above are ongoing as the Company, with the assistance of third-party experts, continues to investigate and address the scope and impact of the cybersecurity incident.
Navistar didn’t provide technical information on the cyberattack, but there is a high chance that a ransomware gang might have been behind it, given the rising number of ransomware attacks seen lately.
In May, Colonial Pipeline, the largest fuel pipeline operator in the U.S. was impacted by a DarkSide ransomware attack that forced the company to take some systems offline, temporarily shut down pipeline operations and several IT systems.
At the beginning of this week, JBS Foods, the world’s largest meatpacking organization, was also forced to shut down production at several sites all over the world following a REvil ransomware cyberattack. The attack affected multiple JBS production facilities globally over the weekend, including those from the United States, Australia, and Canada.
During these attacks, cybercriminals steal victim information to use it in order to force them to pay a ransom under the threat of publicly leaking it on exclusive dark web leak sites or through other methods.