The Industry’s Only SaaS-Delivered Enterprise DLP

Our unique approach to DLP allows for quick deployment and on-demand scalability, while providing full data visibility and no-compromise protection.

No-Compromise Data Protection is:

  • Cloud-Delivered
  • Cross Platform
  • Flexible Controls
DATAINSIDER

Digital Guardian's Blog

Malware Knocks Car Inspection Systems Offline in 8 States

by Chris Brook on Wednesday April 7, 2021

Contact Us
Free Demo
Chat

Following a malware attack last week, systems in some states will be offline for the remainder of the week.

The effects of a malware attack that forced vehicle inspection programs around the country offline a week ago could linger in some states for another week, at least.

Applus Technologies, the Wisconsin-based emissions company whose technology is used for motor vehicle emissions and safety testing at thousands of inspectors is preventing drivers from getting their cars inspected in eight states, including Massachusetts, Connecticut, Georgia, Idaho, Illinois, Utah, and the company's native Wisconsin.

The company said last week that a malware attack on Tuesday, March 30, forced the company to take action by shutting down its computer network.

In Massachusetts, where Applus has an office in Shrewsbury, the state's Registry of Motor Vehicles said Tuesday that there would be no inspections for the rest of the week.

"We continue to urge Applus to safely & swiftly restore services & provide additional info on the extent of the outage's impact," the RMV said Tuesday via a statement on Twitter, suggesting the ordeal is very much out of the state’s hands.

Applus has been exceptionally vague on details around the attack so far; it's unclear what the initial attack vector may have been - whether the malware was delivered via phishing or another method, whether it was ransomware or malware, what strain of malware it was, if any drivers' personal information was compromised, and so on.

While Applus' website is scant on details, the Massachusetts RMV site suggests a component, either a piece of hardware or code, is needed to restore workstations impacted by the malware. The state’s RMV says stations impacted by the attack will receive a package beginning April 7 that contains "important materials for the restoration of your MA Vehicle Check Program workstation(s)."

Once stations receive that package, they should theoretically be able to exit the second stage of the state's three-part plan. Currently, stations are in the restoration and system testing phase, something which involves a "deliberate and methodical resetting of Applus Technologies' IT environment."

The Boston Globe reported Wednesday that assuming stations receive the package, Applus plans to conduct a virtual meeting with service station owners and managers Friday to provide an update on the incident but that all inspections in the state are on hold through Sunday.

The malware attack appears to have affected states in different ways.

While Massachusetts’ systems don’t sound like they’ll be online until next week, other states are attempting to revive theirs this week.

On Wednesday, the Georgia Environmental Protection Division and the Georgia Department of Revenue said that the Vehicle Emissions Inspect and Maintenance Program had been restored and that emissions tests would be available Thursday.

In Illinois, vehicle emission testing is conducted through the Illinois Air Team; which said its still experiencing a network outage as of Wednesday afternoon.

Like most businesses hit by malware, Applus said this week that its engaged computer forensic experts to look into the attack further and install security measures to prevent it from occurring in the future. What those measures are are unclear at this point. "Once our investigation is complete, we will provide an update to everyone on the results of the forensic analysis," Applus said in a Q&A to stations on Sunday.

Tags: Malware

Recommended Resources


  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business
  • How to simplify the classification process
  • Why classification is important to your firm's security
  • How automation can expedite data classification

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.