Volvo Cars have released a statement confirming a breach of sensitive files that resulted from a cyberattack.

Recommends

• Best VPN services
• Best security keys
• Best antivirus software
• The fastest VPNs

Volvo said it is now aware that "one of its file repositories has been illegally accessed by a third party."

"Investigations so far confirm that a limited amount of the company's R&D property has been stolen during the intrusion. Volvo Cars have earlier today concluded, based on information available, that there may be an impact on the company's operation," Volvo said in a statement. 

"After detecting the unauthorized access, the company immediately implemented security countermeasures including steps to prevent further access to its property and notified relevant authorities." 

Volvo added that it is still in the process of investigating the incident and has hired a cybersecurity firm to help "investigate the property theft." 

The attack did not have "an impact on the safety or security of its customers' cars or their personal data," the company noted in their statement. But they conditioned the statement by saying this was only based on their "currently available information."

Bleeping Computerreported that the Snatch ransomware group has claimed responsibility for the attack after adding the company to its leak site on November 30. The group already published a small portion of the documents they stole on their leak site. 

According toSophos, the group has been active since 2018 and gained notoriety in 2019 for a novel trick where they were able to bypass antivirus software by rebooting an infected computer into Safe Mode and running the ransomware's file encryption process from there.

The group became known for buying access into victim networks and lurking for days and weeks, expanding their foothold in a company before initiating the ransomware process. 

The group also became well known as a ransomware gang that engaged in data theft in addition to encrypting victim networks. 

Erich Kron, security awareness advocate at KnowBe4, said most ransomware is spread through phishing emails or through exploiting RDP instances open to the internet, noting that this was a hallmark of Snatch. 

"The Snatch gang makes great use of RDP in infection and lateral movement within an organization. To defend against these attacks, organizations are wise to ensure employees are trained on the importance of using complex passwords and not reusing passwords with other accounts. Organizations should also be on high alert for brute force attempts against RDP," Kron said. 

Security

8 habits of highly secure remote workersHow to find and remove spyware from your phoneThe best VPN services: How do the top 5 compare?How to find out if you are involved in a data breach -- and what to do next

• 8 habits of highly secure remote workers
• How to find and remove spyware from your phone
• The best VPN services: How do the top 5 compare?
• How to find out if you are involved in a data breach -- and what to do next