• Skip to primary navigation
  • Skip to main content
  • Skip to footer
Logo of Agilient Security Consultants, Australia

Agilient Security Consultants Australia

Cybersecurity & Risk Management Specialists

Menu
  • Home
  • Industries
      • Aviation
      • Defence & Defence Industry
      • Government
      • Health & Hospitals
      • Corrections and Detention
      • Maritime
      • Aged Care Facilities
      • Mining, Oil & Gas
      • Public Venues & Events
      • Rail
      • Research and Education Industry
      • Telecommunications
      • Utilities
    • advice-colleagues-communication-newIndustries
  • Services
      • Cybersecurity
      • Protective Security
      • Business Resilience
      • Building Security Consultants
      • Security Audits
      • Pandemic Planning
      • Electronic Security
      • IT Disaster Recovery Plan
      • Security Consultants
      • CCTV and Security Cameras
      • Duress Alarms
      • Security Risk Assessment Consultants
      • Managed Security Service Provider
      • Protection against Vehicles as a Weapon
    • training-1Services
  • Solutions
    • banner-menuUnisys Solutions
    • CTO-Blog-110619-Header-GraphicLookingGlass Solutions
    • menu-bg-2Dell Technologies (RSA) Solutions
    • Sightline-Visualization-menuSightline Solutions
  • Resources
    • menumanagers-dealing-customer-agreTraining
    • working-together-newJoin The Tribe
    • Webinars_3-1.jpgUpcoming and Past Events
    • hacking-detected-shutterstock_newResources
  • Articles
  • About
    • About Us
      We are an Australian owned and operated security company specialising in risk, cybersecurity, protective security, crisis and business continuity management services.
    • frequently-asked-questions-smallFAQ’s
    • bg-menu-government-institutionsConsultant Registration
  • Contact Us
Contact Us

Cyber-Attacks on Toyota Expose Flaws in Branch Offices

You are here: Home / Security News / Cyber-Attacks on Toyota Expose Flaws in Branch Offices

In an incident last year, Toyota’s Australian office reported an attempted cyber-attack, but advised they did not believe any private customer or employee data was accessed. A month later, the Toyota Head Office in Japan reported a security breach which involved unauthorized access to a server connected to the company’s network. Personal records of 3.1 million people were potentially compromised in the breach. There were also Toyota cyber-attacks reported in Thailand and Vietnam ten days before the Head Office release, although details on these attacks are scarce.

APT32

A persistent threat group known as OceanLotus or APT32 group is considered responsible for the Toyota cyber-attacks. APT32 is known for using sophisticated attacks and writing their own exploits. It is suspected that APT32 used the Australian attack as a foothold into Toyota’s infrastructure in order to reach the Head Office in Japan. Toyota declined to comment on this theory and refused to attribute the Australian attack to APT32.

Branch Offices Under Threat

Branch offices are usually part of a “trusted” internal network of a large company like Toyota, and are trusted insiders. It is also usually the case that branch offices hold less sensitive information and therefore have less investment in security controls. This may result in less stringent cybersecurity practices.

This was further mentioned in the recent webinar run by Agilient’s partner, Unisys. Jack Koons, Chief Cybersecurity Strategist at Unisys, referenced a recent attack that compromised an Australian executive’s email in order to defraud funds from US headquarters.

And it is not just overseas headquarters that may be threatened by this model. Branch offices within regional or state capitals in Australia can become complacent, and often staff are poorly trained in how to detect and handle cybersecurity or social engineering techniques, compared to head office staff.

Agilient has experienced consultants available to review cybersecurity measures within your organisation, along with providing ongoing security awareness training and security posture assessments.

Contact us today for a confidential discussion.

Author: David Steele, Agilient Consultant

Tweet
Share

Security News APT32,  cybersecurity,  cybersecurity training,  OceanLotus,  security awareness training,  Toyota,  Unisys

Looking for a security partner? Get in touch with Agilient.

Looking for practical and cost-effective security and risk solutions for your government department, agency or company? Speak with Australia’s leading senior security, risk and resilience experts.


Looking for a pandemic planning partner? Get in touch with Agilient.

Looking for practical and cost-effective risk management solutions for your government department, agency or company? Speak with Australia’s leading senior risk and emergency management experts.



Footer

Agilient is a proud member of

Ai Group Defence Council
Australian Industry & Defence Network
Australian Security Industry Association
Sydney Aerospace & Defence Interest Group

Company and Licensing Details:

ABN: 37 157 911 441
NSW Security Master Licence # 410783087
ACT Security Master Licence # 17502184
Vic Security Registration # 878-460-40S
Qld Security Firm Licence # 3834422

Join The Tribe

Sign up to receive our regular Agilient newsletter including the latest security, risk and resilience updates

Sign up now

Copyright © 2022 Agilient – Level 14, 275 Alfred St, North Sydney NSW 2060 Australia – 1300 341 692