FBI lends helping hand in Continental breach investigation


The Federal Bureau of Investigations (FBI) has joined an ongoing investigation into a ransomware attack on Continental, a German tire and car parts company. The gang LockBit is behind the breach.

At first, Continental’s chairman Wolfgang Reitzle and other key decision-makers were not in the mood to cave into LockBit’s demands and pay a lofty ransom. Continental even claimed it retained full control of its IT systems back in August when it reported the breach.

But the LockBit hackers stood their ground, too, and put the stolen data – reportedly around 40 terabytes – up for sale after Continental refused to pay up. The set price is $50 million.

ADVERTISEMENT
Lockbit's renewed threat issued to Continental on its website
In a bulletin reminiscent of a regular advert, LockBit offers to flog stolen data for $50m

The amount of data is significant and possibly includes sensitive information from companies such as Volkswagen, BMW, and Mercedes. A German daily Handelsblatt also reported that the stolen data might contain minutes of supervisory board meetings, draft resolutions, and presentations by Continental’s board of directors.

According to Handelsblatt’s sources, the US federal police have now joined the investigation of the cyberattack, even though both Continental and the FBI have provided no comments so far.

It’s unclear who precisely called the powerful US agency in. But Continental operates several plants in America, so there is a possibility that some of the stolen data might be related to them.

The German tech news website Heise also reported that Continental discovered the intrusion relatively quickly back in August – this actually saved the company millions.

According to Heise, it took Continental only a month to notice the breach – the attackers gained access to the company’s network on July 4, and the firm announced later that the attack was discovered and averted on August 4.

IBM’s 2022 Cost of a Data Breach report claimed that it takes 277 days on average to identify and stop a cyber break-in

The FBI has been pursuing LockBit for some time now. According to Malwarebytes, the gang has been the most prolific ransomware collective this year – it boasted more confirmed infections (430) than its four closest competitors combined.

ADVERTISEMENT

Pundits think LockBit’s success stems from the group’s ability to combine a business-like approach with specialized technology. LockBit has also opted for a relatively under-the-radar approach.