Cyber ​​attack at BRP | Plans for the decade revealed by hackers

It’s the ordeal of gout for BRP. With the second published record, the hackers are increasing the pressure on the company. They reveal highly strategic documents on the new product development plan through the end of the decade, including details on its new electric snowmobile that have never been revealed before.

Posted at 5:00 am

Hugo Joncas

Hugo Joncas
The press

Julian Arsenal

Julian Arsenal
The press

One of the most sensitive documents circulated by the gang hacker the penetration of the company’s systems is a detailed time-to-market. It affects not just snowmobiles, but all of the company’s electric products, from new motorcycles to Manitou division pontoons, including personal watercraft and two-seater UAVs (side-by-side vehicles). This file even contains the possible names for the different models that could be marketed and the estimated sums for the design of the prototypes.

Friday, The press gave an overview of this first leak of information concerning the multinational Valcourt, which was broadcast on the hidden Internet (dark web). Meanwhile, our journalists were able to analyze the contents of the second data set, which the hackers uploaded on Wednesday to increase pressure on the company.

On their site, the cybercriminals claim that these “confidential documents” come from “several employees’ computers.”

A scoop in the data

The document they published on the new Ski-Doo lifts the veil on the vehicle’s expected autonomy, its top speed, the performance of its battery, as well as the new skis and a new suspension to be equipped.

According to a dealer who became aware of the details of the new electric snowmobile, this model was not introduced to dealers as part of the annual big gathering that took place just before the Aug. 8 cyberattack in Utah.

“These are really very precise figures,” said the dealer, who did not want to be named. It really is something. »

However, the name of the new model is mentioned in the data The press decided not to reveal it so as not to play into the hands of the pirates.

The leak also contains information for governments. A “private and confidential” document explains certain financial transactions conducted between BRP and its various subsidiaries in Quebec, the United States, Mexico and Europe.

These transactions are under scrutiny by the authorities because they sometimes allow companies to evade taxes.

Any more leaks coming?

For specialists, it is the typical extortion strategy used by a group of cybercriminals who want to be paid “as much as possible and as quickly as possible”. “That’s what happens when the victim doesn’t want to cooperate,” says cybersecurity expert Alexis Dorais-Joncas. It’s blackmail. »

Additionally, the gang’s behavior suggests they have yet to reveal information, according to Stéphane Auger, vice president of Équipe Microfix, an IT company that has helped more than one society recover from cyberattacks. “If they released everything, BRP would have no incentive to pay. »

He adds that there is no indication that the company is actually in talks with the group. “Hackers say they are negotiating with BRP, we don’t even know if that’s true,” he said.

One thing is for sure, the multinational recreational vehicle has no interest in it, according to him.

Even if they pay a ransom, they have no guarantee that the data won’t come out later. I wouldn’t pay if I were her.

Stéphane Auger, Vice President of the Microfix team

In all cases, BRP should assume that the information is public.

This is also the opinion of the Royal Canadian Mounted Police, which on a page on these cyber attacks “strongly” encourages victims “not to pay the ransom”.

Same position at the FBI telling victims not to bow down.

“Paying a ransom encourages threat actors to target more victims and encourages other criminals to engage in this type of illegal activity,” the US Federal Police ransomware site warns.

“If nobody paid, there would be no market,” says Alexis Dorais-Joncas. However, he recognizes that in some cases a victim must choose between “the virtue of not paying” and protecting their business.

BRP did not respond to questions from The press Friday. In a statement, the company instead expressed frustration with our coverage.

“We are staunch defenders of press freedom, but we are disappointed with the treatment of the news, which appears to encourage the work of criminal hackers,” read an unsigned email.

On Thursday, the company refused to provide information about possible contacts with hackers.

“We will not comment on any conversations or potential negotiations with cyber threat actors, including ransom payments. »

Learn more

  • $94.94
    BRP stock closing price on Friday on the Toronto Stock Exchange. The stock fell $5.91, or about 5.9%.

    Source: Toronto Stock Exchange

Leave a Comment