Currently reading: Renault and Nissan targeted by ransomware hackers
Production at Nissan's Sunderland plant affected by same cyber attack that hit NHS

Renault and Nissan have been attacked by online hackers, affecting production at Nissan's Sunderland factory.

The attacks are reported to have been carried out by the same group which attacked the NHS this week. The BBC reports Renault is the first French company to be affected by the cyber attack, which steals and encrypts files and documents, before demanding a fee of $300 (around £230) to de-crypt them. In total, around 75,000 systems in 99 countries are believed to have been affected.

A Renault UK spokesman said: "Groupe Renault confirms it was impacted by the global cyber attack that began late on Friday May 12. It consists of a Ransomware virus. Proactive measures were taken immediately in order to stop the spread of the Virus and protect the group. A full diagnosis is in progress in order to put in place the appropriate solutions to resume operations."

Nissan's Sunderland plant, where the Nissan Qashqai and Infiniti Q30 are made, has also been affected.

"Like many organisations our plant was subject to a ransomware attack affecting some of our systems on Friday evening," said a spokesman. "We are working to resolve the issue."

Most affected organisations so far have been state owned. Renault is part-owned by the French government, while other targets include the NHS and Russian state-owned rail services. It's unknown who is behind the global attack, and Europol is investigating. Nissan is part of the Renault-Nissan Alliance partnership.

Read more: 

Car hacking: how cyber security is stepping up

Harman demonstrates first ever live car hack at CES

Autonomous cars to have ‘thousands of security risks’

Tesla responds to Model S hacking by Chinese security company

New simulator to combat threat of autonomous car hacking

Volkswagen locking software hacked by researchers, millions of cars implicated


Join the debate

Add a comment…
steve-p 14 May 2017

Not just XP

It's just that Microsoft have only recently decided to patch this issue in XP, Vista and Windows 8, despite having said none of them would receive no more patches, ever. They had already issued updates for other Windows versions last month, which were also equally vulnerable. Does this mean Microsoft are the good guys? Not really. It's already happened. They could and should have produced these updates at the same time as for the other Windows versions. And their lazy complacent corporate culture under the previous CEO is what has led to Windows having more holes than a Swiss cheese. It was obvious to many industry observers that this particular vulnerability was a huge problem, as bad as it gets.

There's a lot of blame to be distributed here, really. Of course, the hackers are mostly responsible, but it needs saying that corporate victims are victims of their own employers weak IT governance which had not ensured these critical patches had been applied. It's like they left a back door unlocked and carried on regardless, despite this vulnerability (and the patch) being well publicised over the last month. So it's OK to feel sorry for them, but at the same time, someone should get fired for this at every corporate or institutional victim, because they didn't do their job.

Also leading the list of villains is the US National Security Agency, which found this vulnerability and had been using it for perhaps years to covertly access computer systems around the world without disclosing it to anyone, because they didn't want it fixed. And then it got leaked, and the rest is history.

Uncle Mellow 13 May 2017


Surely this attack only affects people running Windows XP ? Which we were all told was no longer secure.... Or am I mistaken ?