It’s the ordeal of gout for BRP. With the second set of data they released, the hackers are increasing the pressure on the company. They unveil highly strategic documents on the development schedule of new products by the end of the decade, including details on its new electric snowmobile, never revealed until now.
Posted at 5:00 a.m.
One of the most sensitive documents disseminated by the gang of hackers having penetrated the company’s systems is a detailed time-to-market. It concerns not only snowmobiles, but also all of the company’s electrical products, from new motorcycles to pontoons from the Manitou division, including personal watercraft and two-seater UAVs (side-by-side vehicles). This file even contains the potential names for the different models that could be marketed as well as the estimated sums for the design of the prototypes.
Friday, The Press gave an overview of this first information leak affecting the Valcourt multinational, broadcast on the hidden web (dark web). Since then, our journalists have been able to analyze the contents of the second dataset, which the hackers uploaded on Wednesday, saying they wanted to increase the pressure on the company.
On their site, the cybercriminals claim that these “confidential documents” come from “the computers of several employees”.
A scoop in the data
The document they published on the new Ski-Doo lifts the veil on the expected autonomy of the vehicle, its maximum speed, the power of its battery as well as the new skis and a new suspension which must be equipped.
According to a dealer who became aware of the details of the new electric snowmobile, this model was not presented to merchants as part of the annual big meeting held in Utah, just before the cyberattack of August 8 last.
“It’s really very precise information, explained the dealer, who asks not to be identified. It’s really something. »
The name of the new model is mentioned in the data, but The Press decided not to reveal it so as not to play into the hands of the pirates.
The leak also contains information for governments. A “private and confidential” document explains certain financial transactions carried out between BRP and its various subsidiaries in Quebec, the United States, Mexico and Europe.
These transactions are closely scrutinized by the authorities because they sometimes allow companies to avoid tax.
More leaks to come?
For specialists, it is the typical extortion strategy of a group of cybercriminals who want to get paid “as much as possible, and as quickly as possible”. “That’s what happens when the victim doesn’t want to cooperate,” says cybersecurity expert Alexis Dorais-Joncas. It’s blackmail. »
Moreover, the behavior of the gang suggests that it still has information to divulge, according to Stéphane Auger, vice-president of Équipe Microfix, an information technology company that has helped more than a society to recover from cyberattacks. “If they had released everything, BRP would have no incentive to pay. »
He adds that there is no indication that the company is actually in discussions with the group. “Hackers say they are negotiating with BRP, we don’t even know if it’s true,” he said.
One thing is certain, the multinational recreational vehicle has no interest in doing so, according to him.
Even paying a ransom, they have no guarantee that the data will not come out later. In their place, I would not pay.
Stéphane Auger, vice-president of the Microfix Team
Either way, BRP should assume that the information is public.
This is also the opinion of the Royal Canadian Mounted Police, which “strongly” encourages victims “not to pay the ransom” on a page concerning these cyberattacks.
Same position at the FBI, which asks the victims not to bend.
“Paying a ransom encourages threat actors to target more victims and encourages other criminals to get involved in this type of illegal activity,” the US Federal Police ransomware page warns.
“If no one paid, there would be no market,” says Alexis Dorais-Joncas. He recognizes, however, that in some cases a victim must choose between “the virtue of not paying” and safeguarding his business.
BRP did not respond to questions from The Press Friday. In a statement, the company expressed frustration over our coverage instead.
“We are staunch defenders of freedom of the press, but we are disappointed with the treatment of the news which appears to promote the work of criminal hackers,” reads an unsigned email.
Thursday, the company had refused to give details of possible contacts with hackers.
“We will not comment on any discussions or potential negotiations with cyber threat actors, including any ransom payments. »
Learn more
-
- $94.94
- Closing price of BRP stock, Friday on the Toronto Stock Exchange. The stock fell $5.91, or about 5.9%.
Source: Toronto Stock Exchange