Aiphone Confirms "Unauthorized Access" To "IT Network", Phone / Email Down For 14 Days
Major intercom manufacturer Aiphone has now confirmed "unauthorized access" to its "IT network", the third major physical security manufacturer impacted in the last two years; see Axis "Experiencing An IT-Related Attack" and Scansource Ransomware Attack.
Inside, we examine the issues, what Aiphone told IPVM, and the potential impact on users.
Aiphone ******** ************ ******, ************* **-***** (*/**)
**** ****, ******* ********* ** **** that **** ****** *** ****** ** "unauthorized ******," *** **** *********, *** company **** **** ******, ********* * response ****, *** ******** *** ******** to *** ***********.
** **** ****, ** ****** ***** of ** ******** *********unauthorized ****** to our ***** ** ***********. Upon discovery, we *********** **** **** ****** *** ********* * ************* ******** ******** ****. Industry-leading digital forensic specialists were engaged to help contain and investigate. The incident was also ******** ** *** ***********, with whom we are cooperating. [Emphasis Added]
******* ****** *** ************* ** *******, and ***** ** ** ********** ** customer **** ***** ***********.
*****investigations **** **** ****** *** *******, there is no indication of impact outside of Aiphone’s internal network nor *** ********** ** ******** **** ***** ***********. [Emphasis Added]
Two-Week ******
***** *** ******** ****** *** ******** as "* ****", ******* ********* ** IPVM ******** **** ******** "****** *** weeks":
*** ** *******’* ******** ****** ******** were ******** ****** *** ***** ** the ********, ***** ******** ** **** 25th.
**** ******** **** *******'* ******** *** operational (*/**), *** ** **** ******* become *********, ** **** ******.
Aiphone ********
******* ** * ******** ****** *****-***** manufacturer ** *********, ********* **** ********, access *******, *** ******* *******. **** have * ****** *** ** ~$**** USD (¥**.***), ****** **** *** ** the ******* (** *** *** *******) intercom ************* ** *** *****.
******* ** ******** **** *** *****-****, audio/video **** ********, *** *****-****** *********. Historically, ******* *** ******* ** ****** intercoms, **** ***** ** ******* **** some ***********, **** ****, ****** **** **** ******** ******* more ****** ** ***********.
Outage ******** (*/**-*/*)
** **** ****, ******* ****** *** following ****** ** ***** ********, ********** issues **** ***** *** ***** ******** and ********* ****** **** ***** ** late *********:
************, *******'* ******* ****** * ***** to *** ***** **** *** **** information:
Phone ****** ********* (*/**)
************, ******** ***** ** *******'* **** number *** **** ******* ** ****** (7/28) **** ***** ************ ** ***** disconnected **** ***********.
******* **** **** **** ****** **** partially ******** ******** *** *** ** full ******** ***** **** **** (*/**).
******: **** ********* *** **** ****** and **** ******* ***** *** ***********.
LinkedIn ****/******* ***** *******, ******* **** **** ** ****** (*/*)
*******, ** ** ******* *********, **/**/**,**** **** *** **** ********** *** ***** ** *** *****, as **** *** ***** ** *** Aiphone *******.
***** *** *** **** *** ***** were *******, ******* ****:
*** ******** **** *** ******* *********** were ******* ** *** ***** ****** and ***** *** **** ** *** running ** * ****** ********.
QuikChat ****, *********
** ******** ** ***** *** ***** issues, *******'********* **** ******* ******* ***** ** ***** ****.
*******, ******* ******** ** ***** ********** that **** ** ********* *** *** to ******* ************, *** *** *******.
** ** *********** ** ****** **, 2023, ******** ** ***** ******* ** "Temporarily ****".
Aiphone ********: *************, ***** ******* (*/*)
**** ********* ***** *** ******* ** the ******, ******* **** **** **** currently ************* *** *****:
******* ******** * ******* ***** **** week. ** *** ********* ************* *** cause *** ******* ******.
*** ***** *** ***** ******* *** back ** *** ****** ** ***** to **** ******** *****. [*/*]
** ***** ** **** *********** ** share ** *** ********** ** *** investigation ** **** ***** ** ******** release.
****, ** ***** ************ ******* **** was * ***** ******, ******* **********:
***** *** ************* ** ********, * can **** ******* ***** *** * network ***** ***** ****** ** ************ in *** ********.
Outage ******
******* **** *** ******* **** ***** services *** ***** *** ******** ******* distribution. *********, *** ****** ** *********** was ******* ** ************** ********* **** their *****/******* **** ***** ***********.
******* ***** **** ***** *** "** indication ** ****** ******* ** *******'* internal ******* *** *** ********** ** customer **** ***** ***********."
****...****** **.