
Shimano Hacked - Not unexpected


Old 11-28-23, 06:40 PM
  #1  
skidder
Pennylane Splitter
Thread Starter
 
Join Date: Sep 2012
Location: Orange County, California
Posts: 1,853

Bikes: Yes

Mentioned: 13 Post(s)
Tagged: 0 Thread(s)
Quoted: 1695 Post(s)
Liked 1,385 Times in 946 Posts
Shimano Hacked - Not unexpected

With constant reports of other businesses being hacked it was probably just a matter of time. What next, your Di2 system suddenly freezes up? Keep your data secured and be very careful what you click on.

Shimano Was the Victim of a Ransomware Attack and Didn't Pay the Ransom. Hackers Then Published a LOT of Data. (msn.com)
Old 11-29-23, 04:11 AM
  #2  
Turnin_Wrenches
Junior Member
 
Join Date: Oct 2023
Location: Florida
Posts: 137

Bikes: Basso Diamante SV (2021), Trek Speed Concept SLR7 (2023), Time Alpe D'Huez (2023), Trek Madone SLR7 (2024)

Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 101 Post(s)
Liked 69 Times in 42 Posts
Interesting. Perhaps this is part of the reason the Shimano B2B site was down for several days earlier this month. Between the Hollowtech II crank recall and now this ^, Shimano has had a rough year. I have a feeling 2024 will be another difficult year for the cycling industry.
Old 11-29-23, 04:39 AM
  #3  
PeteHski
Senior Member
 
PeteHski's Avatar
 
Join Date: May 2021
Posts: 7,762
Mentioned: 12 Post(s)
Tagged: 0 Thread(s)
Quoted: 4041 Post(s)
Liked 4,428 Times in 2,748 Posts
Originally Posted by Turnin_Wrenches
Interesting. Perhaps this is part of the reason the Shimano B2B site was down for several days earlier this month. Between the Hollowtech II crank recall and now this ^, Shimano has had a rough year. I have a feeling 2024 will be another difficult year for the cycling industry.
Isn't every year a difficult year for the cycling industry?
Old 11-29-23, 04:48 AM
  #4  
Turnin_Wrenches
Junior Member
 
Join Date: Oct 2023
Location: Florida
Posts: 137

Bikes: Basso Diamante SV (2021), Trek Speed Concept SLR7 (2023), Time Alpe D'Huez (2023), Trek Madone SLR7 (2024)

Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 101 Post(s)
Liked 69 Times in 42 Posts
Originally Posted by PeteHski
Isn't every year a difficult year for the cycling industry?
... You have a valid point.
Old 11-29-23, 05:29 AM
  #5  
BTinNYC 
...
 
Join Date: Oct 2021
Location: Whitestone and Rensselaerville, New York
Posts: 1,383

Bikes: Bicycles? Yup.

Mentioned: 6 Post(s)
Tagged: 0 Thread(s)
Quoted: 425 Post(s)
Liked 1,302 Times in 653 Posts
Every major corporate intrusion I responded to during my career was because the company left the door open. Mostly due to unpatched or truly old server software. Retired for 4 years now, and the tech world changes fast, but dollars to donuts...
Old 11-29-23, 06:18 AM
  #6  
indyfabz
Senior Member
 
indyfabz's Avatar
 
Join Date: Jan 2010
Posts: 38,809
Mentioned: 210 Post(s)
Tagged: 1 Thread(s)
Quoted: 18212 Post(s)
Liked 14,971 Times in 7,088 Posts
I thought this thread was going to be about a hack for using Shimano with fingerless gloves.
Old 11-29-23, 06:47 AM
  #7  
skidder
Pennylane Splitter
Thread Starter
 
Join Date: Sep 2012
Location: Orange County, California
Posts: 1,853

Bikes: Yes

Mentioned: 13 Post(s)
Tagged: 0 Thread(s)
Quoted: 1695 Post(s)
Liked 1,385 Times in 946 Posts
It's probably related to my viewing preferences on the web, but I get a lot of news stories about businesses large and small getting hacked for ransom or just by mischief makers. Really disturbing considering so many companies have so much on the web these days. Back when I was working (I wasn't in I.T.) we'd get a few hacks each year. I used to delete emails that had simplistic titles that scream potential hack and that the I.T. guys warned everyone about, like "Hey", "Our Meeting", "Your Ideas", stuff like that, and it got me in trouble. I asked the I.T. folks how those got through and apparently it was lazy admin management that didn't allow the systems to be set up to block simplistic, non-specific phrases like that or send them to spam folders. They liked that I did delete those emails. Apparently about 90% of the incoming email we received was spam.
Old 11-29-23, 06:59 AM
  #8  
indyfabz
Senior Member
 
indyfabz's Avatar
 
Join Date: Jan 2010
Posts: 38,809
Mentioned: 210 Post(s)
Tagged: 1 Thread(s)
Quoted: 18212 Post(s)
Liked 14,971 Times in 7,088 Posts
Originally Posted by skidder
I used to delete emails that had simplistic titles that scream potential hack and that the I.T. guys warned everyone about,
I am pretty much a luddite when it comes to technology, but what I am good at is spotting B.S. Despite repeated warnings of the kind you mention, over the years we have had employees click on obviously suspicious links in emails, resulting in viruses.

It only takes a minute to stop and consider whether something passes the smell test. If it seems even remotely suspicious, report it to I.T. just to be safe.
Old 11-29-23, 09:05 AM
  #9  
tomato coupe
Senior Member
 
Join Date: Jul 2009
Posts: 5,732

Bikes: Colnago, Van Dessel, Factor, Cervelo, Ritchey

Mentioned: 5 Post(s)
Tagged: 0 Thread(s)
Quoted: 3811 Post(s)
Liked 7,019 Times in 2,838 Posts
I read the hacker was a retro grouch that demanded that Shimano go back to 6-spd, rim brake setups with no carbon parts. Apparently the ransomware was hidden in a Lotus 1-2-3 file uploaded from a 5-1/4 inch floppy disc.
Old 11-29-23, 09:22 AM
  #10  
indyfabz
Senior Member
 
indyfabz's Avatar
 
Join Date: Jan 2010
Posts: 38,809
Mentioned: 210 Post(s)
Tagged: 1 Thread(s)
Quoted: 18212 Post(s)
Liked 14,971 Times in 7,088 Posts
Originally Posted by tomato coupe
Apparently the ransomware was hidden in a Lotus 1-2-3 file uploaded from a 5-1/4 inch floppy disc.
I am 5-1/4 floppy disc old.
Old 11-29-23, 09:32 AM
  #11  
pdlamb
Senior Member
 
Join Date: Dec 2010
Location: northern Deep South
Posts: 8,779

Bikes: Fuji Touring, Novara Randonee

Mentioned: 36 Post(s)
Tagged: 0 Thread(s)
Quoted: 2536 Post(s)
Liked 1,853 Times in 1,162 Posts
Originally Posted by indyfabz
I am 5-1/4 floppy disc old.
Maybe I should be more circumspect, but I'm 8" floppy disc old. (DEC PDP 11)

Actually the computer at my college was paper tape. Only the operators got to use magnetic tape to boot (and re-boot) it, but the boot loader was paper tape.

Now I feel old.
Old 11-29-23, 09:38 AM
  #12  
jadmt
Senior Member
 
jadmt's Avatar
 
Join Date: Mar 2022
Location: Missoula MT
Posts: 1,746

Bikes: Handsome xoxo, Serotta atx, Canyon Endurace CF8

Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
Quoted: 899 Post(s)
Liked 1,823 Times in 823 Posts
Originally Posted by indyfabz
I am 5-1/4 floppy disc old.
Man, in my group that would open the door for a good laugh, but it would probably get me banned here, so I won't... lol
Old 11-29-23, 09:54 AM
  #13  
GeezyRider 
Senior Member
 
GeezyRider's Avatar
 
Join Date: Aug 2015
Location: Delaware Sea Shore
Posts: 511

Bikes: There is always room for one more.

Mentioned: 2 Post(s)
Tagged: 0 Thread(s)
Quoted: 176 Post(s)
Liked 356 Times in 210 Posts
Floppy disc? Meh. Real men wrote their COBOL code and JCL on coding sheets and sent them to the key punch operators to make 80 column punch cards. Sure, it took a week or more to get a clean compile for a program but I never saw any of that code hacked.
__________________
Don
Old 11-29-23, 10:55 AM
  #14  
pdlamb
Senior Member
 
Join Date: Dec 2010
Location: northern Deep South
Posts: 8,779

Bikes: Fuji Touring, Novara Randonee

Mentioned: 36 Post(s)
Tagged: 0 Thread(s)
Quoted: 2536 Post(s)
Liked 1,853 Times in 1,162 Posts
Originally Posted by GeezyRider
Floppy disc? Meh. Real men wrote their COBOL code and JCL on coding sheets and sent them to the key punch operators to make 80 column punch cards. Sure, it took a week or more to get a clean compile for a program but I never saw any of that code hacked.
There weren't any networks back then, were there? I remember a summer job at a bank; we had to pick up the phone and call downtown to find out if a check was good, because that's where the computer was.
Old 11-29-23, 11:14 AM
  #15  
terrymorse 
climber has-been
 
terrymorse's Avatar
 
Join Date: Dec 2004
Location: Palo Alto, CA
Posts: 6,801

Bikes: Scott Addict R1, Felt Z1

Mentioned: 10 Post(s)
Tagged: 0 Thread(s)
Quoted: 3173 Post(s)
Liked 3,258 Times in 1,645 Posts
Originally Posted by GeezyRider
Floppy disc? Meh. Real men wrote their COBOL code and JCL on coding sheets and sent them to the key punch operators to make 80 column punch cards. Sure, it took a week or more to get a clean compile for a program but I never saw any of that code hacked.
COBOL? Please.

Men with the right stuff wrote exclusively in FORTRAN IV. And of course we never touched a keypunch machine, as keypunch operator was an hourly (union) job.
__________________
Ride, Rest, Repeat

Zwift: Terry Morse [OldAF]
ROUVY: terrymorse
Old 11-29-23, 11:22 AM
  #16  
jon c. 
Senior Member
 
Join Date: Mar 2012
Location: Tallahassee, FL
Posts: 4,812
Mentioned: 5 Post(s)
Tagged: 0 Thread(s)
Quoted: 1590 Post(s)
Likes: 0
Liked 1,010 Times in 568 Posts
The only programming I've ever done was on punch cards in college. You'd have a pretty large box for what would now be an incredibly simple program. I never got beyond the incredibly simple.
Old 11-29-23, 11:33 AM
  #17  
blacknbluebikes 
Senior Member
 
blacknbluebikes's Avatar
 
Join Date: Jul 2013
Location: NJ, USA
Posts: 1,267

Bikes: two blacks, a blue and a white.

Mentioned: 2 Post(s)
Tagged: 0 Thread(s)
Quoted: 435 Post(s)
Liked 816 Times in 402 Posts
IBM made a very nice punchcard work desk, like 3rd generation. You'd type a few things for a line and whoosh, the card moved to the back of the stack and a new one loaded. Thoroughly modern Millie. Debugging was a bee-atch.
Old 11-29-23, 12:13 PM
  #18  
SurferRosa
señor miembro
 
SurferRosa's Avatar
 
Join Date: Dec 2018
Location: Pac NW
Posts: 8,738

Bikes: '70s - '80s Campagnolo

Mentioned: 92 Post(s)
Tagged: 0 Thread(s)
Quoted: 3832 Post(s)
Liked 6,401 Times in 3,165 Posts
Originally Posted by terrymorse
COBOL? Please.
Immensely popular business transaction language and, oddly enough, is probably still used.
Old 11-29-23, 12:19 PM
  #19  
JohnDThompson 
Old fart
 
JohnDThompson's Avatar
 
Join Date: Nov 2004
Location: Appleton WI
Posts: 24,875

Bikes: Several, mostly not name brands.

Mentioned: 153 Post(s)
Tagged: 0 Thread(s)
Quoted: 3546 Post(s)
Liked 3,289 Times in 1,882 Posts
Originally Posted by pdlamb
There weren't any networks back then, were there? I remember a summer job at a bank; we had to pick up the phone and call downtown to find out if a check was good, because that's where the computer was.
Remember those print-outs of bad credit card numbers that came out every week or so, so you could check that a customer's credit card was valid?
Old 11-29-23, 12:23 PM
  #20  
JohnDThompson 
Old fart
 
JohnDThompson's Avatar
 
Join Date: Nov 2004
Location: Appleton WI
Posts: 24,875

Bikes: Several, mostly not name brands.

Mentioned: 153 Post(s)
Tagged: 0 Thread(s)
Quoted: 3546 Post(s)
Liked 3,289 Times in 1,882 Posts
Originally Posted by jon c.
The only programming I've ever done was on punch cards in college. You'd have a pretty large box for what would now be an incredibly simple program. I never got beyond the incredibly simple.
Same here. Write out the program in a notebook in your dorm room, go to the computer center to see if a keypunch was free, if so, transcribe your program onto the punch cards. Then place the stack of cards in the job queue to be run overnight when the computer wasn't doing more important things like processing payroll. Come back the next day for the greenbar output with all your errors flagged. Go back to dorm room and try again.
Old 11-29-23, 12:24 PM
  #21  
skidder
Pennylane Splitter
Thread Starter
 
Join Date: Sep 2012
Location: Orange County, California
Posts: 1,853

Bikes: Yes

Mentioned: 13 Post(s)
Tagged: 0 Thread(s)
Quoted: 1695 Post(s)
Liked 1,385 Times in 946 Posts
Originally Posted by tomato coupe
I read the hacker was a retro grouch that demanded that Shimano go back to 6-spd, rim brake setups with no carbon parts. Apparently the ransomware was hidden in a Lotus 1-2-3 file uploaded from a 5-1/4 inch floppy disc.
I don't care what the evidence shows, IT WAS NOT ME! Hold that thought for a moment, I've got a call coming in on my Nokia flip phone.
Old 11-29-23, 01:14 PM
  #22  
indyfabz
Senior Member
 
indyfabz's Avatar
 
Join Date: Jan 2010
Posts: 38,809
Mentioned: 210 Post(s)
Tagged: 1 Thread(s)
Quoted: 18212 Post(s)
Liked 14,971 Times in 7,088 Posts
Originally Posted by terrymorse
COBOL? Please.

Men with the right stuff wrote exclusively in FORTRAN IV. And of course we never touched a keypunch machine, as keypunch operator was an hourly (union) job.
Youngster.

Here's how we did it in my day.

Old 11-29-23, 01:22 PM
  #23  
Trakhak
Senior Member
 
Trakhak's Avatar
 
Join Date: Jan 2005
Location: Baltimore, MD
Posts: 5,176
Mentioned: 13 Post(s)
Tagged: 0 Thread(s)
Quoted: 2329 Post(s)
Liked 2,752 Times in 1,571 Posts
Originally Posted by pdlamb
There weren't any networks back then, were there? I remember a summer job at a bank; we had to pick up the phone and call downtown to find out if a check was good, because that's where the computer was.
In the early days of computers in banks, an enterprising programmer once collected dozens of deposit slips from the lobbies of branches of a local bank, printed an account number on them, and returned them to the bank lobbies. Two days later, he closed the account and walked off with a lot of cash. (Or so the story went, anyway.)
Old 11-29-23, 01:22 PM
  #24  
GeezyRider 
Senior Member
 
GeezyRider's Avatar
 
Join Date: Aug 2015
Location: Delaware Sea Shore
Posts: 511

Bikes: There is always room for one more.

Mentioned: 2 Post(s)
Tagged: 0 Thread(s)
Quoted: 176 Post(s)
Liked 356 Times in 210 Posts
If you look at the front of the IBM building near Baltimore's Inner Harbor, you will see that it was designed to resemble a punch card.
__________________
Don
Old 11-29-23, 01:27 PM
  #25  
BTinNYC 
...
 
Join Date: Oct 2021
Location: Whitestone and Rensselaerville, New York
Posts: 1,383

Bikes: Bicycles? Yup.

Mentioned: 6 Post(s)
Tagged: 0 Thread(s)
Quoted: 425 Post(s)
Liked 1,302 Times in 653 Posts
Since the topic has gone full nerd, I was stuck on getting some code to work and yeah, ChatGPT spat the correct syntax in a couple of seconds. The sand is shifting underfoot and if I was still in the game I'd probably be in AI based customer support.