Vehicles are throughout society. People may have multiple vehicles at a residence for their children, spouse, or collectibles. These are also used in multiple ways for an increasing number of years. The vehicles begin to age, they tend to need more repairs. The establishments repairing vehicles do much of the work manually. The backbone of the operations are still run with computers. Where there is an issue with the system, the garage does not operate well. This can especially be a problem when malware is introduced into the system for a chain of garages.
Kwik Fit is one of these organizations. This is a chain of garages focused on repairing vehicles. The organization had the unfortunate opportunity to be targeted, and successfully attacked. The issue became apparent when their clients began to complain on Twitter. The symptom which brought this on was their clients could not reach the business when calling. The complaints began to pick up, as it appeared the call center was down. Naturally, this was a significant issue for the business. While they began the investigation, management acknowledged via a tweet they were having technical difficulties. This was from the malware being introduced into the system. It does appear this was a ransomware attack, however, the details were not reported.
The effect of this was rather quick and direct. The business was not able to accept and schedule work, or process orders. The system was down from January 26 to at least February 1, 2019. They don’t believe any of their client’s records had been breached. On a positive note, they did state the customer’s financial information was not stored there.
It would have been much more helpful to the industry if a bit of the attack information would have been shared. Given this is not the optimal situation, however, once the damage was done and issue remediated, others could have learned from this.
Corfield, G. (2019, January 31). Kwik-fit hit by MOT fail, that’s malware on target. Retrieved from https://www.theregister.co.uk/2019/01/31/kwik_fit_malware_it_systems_down/
IT Pro. (2019). Kwik fit hit by malware, knocking out IT systems. Retrieved from https://www.itpro.co.uk/security/32880/kwik-fit-hit-by-malware-knocking-out-it-systems
Rumney, S. (2019, January 30). Kwik fit garages hit by computer virus. Retrieved from https://www.bbc.com/news/technology-47062480
Winant, D. (2019, February 1). Kwik fit hit by malware knocking out IT systems. Retrieved from https://seclists.org/dataloss/2019/q1/105
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.
Share on Facebook
Share on Twitter
I'm busy working on my blog posts. Watch this space!