Hackers breached Nissan’s network stealing employees’ usernames and encrypted passwords and transmitted them to an outside server. Though refusing to say which employees had been targeted, what division of the car company they worked for or what the hackers might’ve been after, Nissan did report that it tracked the breach back to an IP.
David Reuter, a Nissan spokesperson said, “We do know the I.P. addresses but it really does not tell you a whole lot. Hackers can bounce things off servers all over the world, so the entry I.P. address is not necessarily where the hack originates. The trail goes cold pretty quickly.”
According to Nicole Perlroth in The New York Times, Nissan had waited a week to close holes in the network and clean up its systems before telling customers and employees about the breach and that nothing seems to have been stolen.
Shawn Henry, the FBI’s former top cybercop, noted, “There are two types of companies: companies that have been breached and companies that don’t know they’ve been breached. I’ve seen behind the curtain. I’ve been in all the briefings. I can’t go into the particulars because it’s classified, but the vast majority of companies have been breached.” Henry went on to say that, “The primary adversary is foreign intelligence services that are stealing corporate information.”
Richard Bejtlich, the chief security officer at Mandiant Corporation, an incident response and computer forensics company, said, “Japanese industry is very concerned about Chinese intruders, and now it appears names are coming to public notice.”
However, Shawn Henry said it could have been any one of a number of countries, “Dozens of countries have offensive cyber capabilities and cyberespionage plans in place. It’s not just one particular country that is doing this.”