Comment on Ferrari Hit By Ransomware Attack: 7 GB Of Data Published Online – Expert Comments by Patrick Wragg

Whilst Ferrari are still denying its systems have been breached. If I were Ferrari, I would be spending a large amount of effort into firstly identifying what files were leaked and secondly, and most importantly, tracing how they got out. Perhaps they were only accessible by a subset of people? Perhaps access to these files is audited? They need to be forensically analysing logs and ensuring that sufficient log retention is in place in case they roll over. Once the “how” has been answered, the “why” needs to be answered next; was this an insider job? Or is it part of a larger breach?