A motorcycle dealer’s website in Australia is infected with malware. 

Cybersafetyconnections April 15^th, 2024, vol# 164 

• According to konbriefing there was a cyberattack on MotorCycle Holdings / Sherco, Lambretta, located in Springwood, Queensland, Australia. 

• The company, customers, shareholders and stakeholders were impacted. 

• No threat actor has been identified yet. 

• This cyberattack may have happened because of weak controls at the third party hosted server. 

• MotorCycle Holdings took steps to mitigate loss from the cyberattack and Copilot also provided input of loss prevention. 

What happened? 

Insertion of a malicious code 

From cyberdaily.au MotorCycle Holdings, an ASX-listed company, recently suffered a data breach due to unauthorized access gained by a threat actor to a web server hosted by a third-party vendor. 

Who was impacted? 

Stakeholders for a cohesive and sustainable world 

MotorCycle Holdings, its customers, shareholders and stakeholders. 

Why did this happen? 

HTTP Cookie 

Could we say because the websites were hosted on a third-party webserver the threat actor was able to gain access and inserted malicious code into the websites? There is information that the company’s internal system is secure. 

Which criminal group is responsible? 

Hacker Photo – Free Image HD 

No threat actor has been identified yet.  

How MotorCyle Holdings mitigated loss from cyberattack 

OWASP Threat and Safeguard Matrix 

 The steps taken to mitigate loss are discussed below along with Copilot suggestions. 

• MotorCycle Holdings is notifying affected customers individually, while those not contacted were not impacted by the breach. 

•  Fortunately, the company’s internal systems remain secure, as the attack targeted a third-party vendor. 

•  However, the party responsible and their motivations remain unknown, and any material or financial losses resulting from the breach are yet to be determined.  

• MotorCycle Holdings pledges to keep customers, shareholders, and key stakeholders informed as their investigation continues¹. 

Copilot on: 

How to mitigate the loss form cyber-attack on Motocycle holding 

To mitigate the impact of a cyber-attack on MotorCycle Holdings, consider implementing the following measures: 

1. Craft a Disaster Recovery Plan (DRP):  

• Develop a comprehensive DRP that addresses data protection, data restoration, offsite backups, system reconstitution, configurations, and logs. Continuously review and update this plan1.  

2. Immediate Response Strategy: 

• Act Proactively: Implement the prepared and practiced game plan immediately after a cyber attack. This helps reduce the impact of business interruption and facilitates efficient recovery for lost income and mitigation expenses². 
• Assess Damage: Understand how the breach occurred to prevent cybercriminals from replicating the attack. Evaluate the extent of damage to enhance network security and patch vulnerabilities³. 

3. Communication and Transparency: 

• Notify Affected Customers: Reach out to customers individually if their personal information is exposed. Provide clear communication about the breach. 
• Keep Stakeholders Informed: Regularly update customers, shareholders, and key stakeholders as the investigation continues⁴.️ 

Learn more 

1jpmorgan.com2policyholderperspective.com3bdo.com4cyberdaily.au 

Copilot on: 

How can they prevent similar incidents in the future? 

To prevent similar incidents in the future, organizations can take several proactive steps: 

4. Incident Response Plan (IRP): 

• Develop a comprehensive IRP that outlines procedures for detecting, containing, and recovering from incidents. Regularly review and update this plan to stay prepared¹. 
• Apply Security Patches: Ensure timely application of security patches and updates to prevent vulnerabilities that attackers exploit¹. 
• Remove Malware and Unauthorized Accounts: Regularly scan systems for malware and unauthorized accounts, removing them promptly¹. 
• Implement Additional Security Controls: Strengthen security by adding extra layers of protection, such as firewalls, intrusion detection systems, and access controls¹. 

5. Post-Incident Analysis: 

• Conduct a thorough analysis of the incident to extract valuable lessons. 
• Implement measures based on these lessons to prevent similar incidents in the future¹. 

6. Share Information: 

• Share indicators of compromise through trusted channels to help other institutions detect and prevent similar incidents². 

7. Continuous Improvement: 

• Continuously monitor and analyze incident data to identify trends. 
• Implement changes to improve incident management and prevent future incidents³. 

Learn more 

1wirexsystems.com2er.educause.edu3splunk.com4ask-ehs.com5ideagen.com6resolver.com+2 more 

Conclusion 

Remember that cybersecurity is an ongoing effort, and organizations must remain vigilant to protect against evolving threats. 🛡️

Subscribe to get the latest post.