The News: A subsidiary of Toshiba’s European operations were the victim of a DarkSide cyberattack on May 4th, and reported publicly on May 14th. The company reported that as a result of the attack, the company shut down network connections between Europe and Japan to mitigate potential risk as the hack is being investigated. More at Cyberscoop.
Toshiba’s European Operations Hit by Hacker Group DarkSide Cyberattack
Analyst Take: The DarkSide cyberattack on Toshiba’s European operations appears thus far to be limited to the company’s European operations and focused on Toshiba Tec, which sells POS systems for retailers. There’s not yet been confirmation by the Toshiba subsidiary of the scope of the leaked information, and an investigation is still underway.
This is the second cyberattack in recent times aimed at Toshiba, following an earlier attack that happened in France. Early on Friday May 12th, DarkSide took responsibility for that attack and claimed to have accessed over 700 GB of data. The data compromised in the France attack included data around projects, human resources, passports and personal information of employees (including executive management), sales, and new business and trade information.
Why Japanese Companies are Attractive Targets for Threat Actors
Takashi Yoshikawa, a cybersecurity expert with Mitsui Bussan Secure Directions was interviewed about these recent attacks on Toshiba and noted that attacks on Japanese companies are at their highest ever. He also stated something that we’ve discussed at length here: the fact that with so many employees working from home and remotely accessing company systems, organizations are more vulnerable to cyberattacks.
Yoshikawa indicated that he believes Japanese companies are attractive targets for threat actors as a whole, because they don’t properly estimate the time and resources needed to put the right security protections and protocols in place, and when they are advised about that, they don’t tend to take the advice. Perhaps soon they will learn and adjust that mentality.
My colleague and fellow analyst here at Futurum Research and I covered the Toshiba DarkSide attack in the most recent episode of the Futurum Tech Webcast, as part of our Cybersecurity Shorts series. You can find the brief conversation here:
Or access the entire episode, which includes a number of timely insights on cybersecurity-related topics, here:
Disclaimer: The Futurum Tech Webcast is for information and entertainment purposes only. Over the course of this podcast, we may talk about companies that are publicly traded and we may even reference that fact and their equity share price, but please do not take anything that we say as a recommendation about what you should do with your investment dollars. We are not investment advisors and we do not ask that you treat us as such.
More Insights from Futurum Research:
Shelly Kramer: Speaking of governments, I wanted to wrap up the show with just a couple of quick highlights, and a nod to the fact that it’s not just the US Government that has issues with cybersecurity.
I saw earlier today that a subsidiary of Toshiba’s European operations were the victim of a cyber attack, perpetuated by DarkSide, our friends DarkSide, on May 4th. And, the attack appears to be limited to Toshiba’s European operations, and focused on part of the company called Toshiba Tec, which sells point-of-sale systems for retailers. Think lots of personally customer identification that goes through point-of-sale systems. There hasn’t been a confirmation yet of the scope of the leaked information, an investigation is still underway. This is the second attack in recent times aimed at Toshiba, an earlier one happened in France. DarkSide took responsibility for the France attack, and claimed to have accessed over 700 gigs of data, including data around projects, human resources, senior executives, passports, and personal information of employees, sales, new business and trade information. So, when you think about, this is an example of what we’re talking about when we say Government goes in to protect all of this data, because there’s so much data involved.
The thing that I thought was really interesting, coming out of the Toshiba attack, was that a cybersecurity expert that was interviewed about this said that, “Attacks on Japanese companies are at their highest ever. And, the Japanese are very attractive targets for threat actors as a whole because they don’t properly estimate that time and resources needed to put the right security protections and protocols in place.” I don’t think the Japanese are alone here, by the way.
Fred McClimans: No, I don’t.
Shelly Kramer: “And, when they are advised, what they need to do, they don’t tend to take the advice.” So, I thought that was really interesting on a number of fronts related to these conversations.
Shelly Kramer is a Principal Analyst and Founding Partner at Futurum Research. A serial entrepreneur with a technology centric focus, she has worked alongside some of the world’s largest brands to embrace disruption and spur innovation, understand and address the realities of the connected customer, and help navigate the process of digital transformation. She brings 20 years' experience as a brand strategist to her work at Futurum, and has deep experience helping global companies with marketing challenges, GTM strategies, messaging development, and driving strategy and digital transformation for B2B brands across multiple verticals. Shelly's coverage areas include Collaboration/CX/SaaS, platforms, ESG, and Cybersecurity, as well as topics and trends related to the Future of Work, the transformation of the workplace and how people and technology are driving that transformation. A transplanted New Yorker, she has learned to love life in the Midwest, and has firsthand experience that some of the most innovative minds and most successful companies in the world also happen to live in “flyover country.”