
Shimano Hacked - Not unexpected

Old 11-28-23, 06:40 PM
  #1  

With constant reports of other businesses being hacked it was probably just a matter of time. What next, your Di2 system suddenly freezes up? Keep your data secured and be very careful what you click on.

Shimano Was the Victim of a Ransomware Attack and Didn't Pay the Ransom. Hackers Then Published a LOT of Data. (msn.com)
skidder is offline  
Old 11-29-23, 04:11 AM
  #2  
Interesting. Perhaps this is part of the reason the Shimano B2B site was down for several days earlier this month. Between the Hollowtech II crank recall and now this ^, Shimano has had a rough year. I have a feeling 2024 will be another difficult year for the cycling industry.
Turnin_Wrenches is offline  
Old 11-29-23, 04:39 AM
  #3  
Originally Posted by Turnin_Wrenches
Interesting. Perhaps this is part of the reason the Shimano B2B site was down for several days earlier this month. Between the Hollowtech II crank recall and now this ^, Shimano has had a rough year. I have a feeling 2024 will be another difficult year for the cycling industry.
Isn't every year a difficult year for the cycling industry?
PeteHski is offline  
Old 11-29-23, 04:48 AM
  #4  
Originally Posted by PeteHski
Isn't every year a difficult year for the cycling industry?
... You have a valid point.
Turnin_Wrenches is offline  
Old 11-29-23, 05:29 AM
  #5  
Every major corporate intrusion I responded to during my career was because the company left the door open. Mostly due to unpatched or truly old server software. Retired for 4 years now, and the tech world changes fast, but dollars to donuts...
BTinNYC is offline  
Old 11-29-23, 06:18 AM
  #6  
I thought this thread was going to be about a hack for using Shimano with fingerless gloves.
indyfabz is offline  
Old 11-29-23, 06:47 AM
  #7  
It's probably related to my viewing preferences on the web, but I get a lot of news stories about businesses large and small getting hacked for ransom or just by mischief makers. Really disturbing considering so many companies have so much on the web these days. Back when I was working (I wasn't in I.T.) we'd get a few hacks each year. I used to delete emails that had simplistic titles that scream potential hack and that the I.T. guys warned everyone about, like "Hey", "Our Meeting", "Your Ideas", stuff like that, and it got me in trouble. I asked the I.T. folks how those got through and apparently it was lazy admin management that didn't allow the systems to be set up to block simplistic, non-specific phrases like that or send them to spam folders. They liked that I did delete those emails. Apparently about 90% of the incoming email we received was spam.
skidder is offline  
Old 11-29-23, 06:59 AM
  #8  
Originally Posted by skidder
I used to delete emails that had simplistic titles that scream potential hack and that the I.T. guys warned everyone about,
I am pretty much a luddite when it comes to technology, but what I am good at is spotting B.S. Despite repeated warnings of the kind you mention, over the years we have had employees click on obviously suspicious links in emails, resulting in viruses.

It only takes a minute to stop and consider whether something passes the smell test. If it seems even remotely suspicious, report it to I.T. just to be safe.
indyfabz is offline  
Old 11-29-23, 09:05 AM
  #9  
I read the hacker was a retro grouch that demanded that Shimano go back to 6-spd, rim brake setups with no carbon parts. Apparently the ransomware was hidden in a Lotus 1-2-3 file uploaded from a 5-1/4 inch floppy disc.
tomato coupe is offline  
Old 11-29-23, 09:22 AM
  #10  
Originally Posted by tomato coupe
Apparently the ransomware was hidden in a Lotus 1-2-3 file uploaded from a 5-1/4 inch floppy disc.
I am 5-1/4 floppy disc old.
indyfabz is offline  
Old 11-29-23, 09:32 AM
  #11  
Originally Posted by indyfabz
I am 5-1/4 floppy disc old.
Maybe I should be more circumspect, but I'm 8" floppy disc old. (DEC PDP 11)

Actually the computer at my college was paper tape. Only the operators got to use magnetic tape to boot (and re-boot) it, but the boot loader was paper tape.

Now I feel old.
pdlamb is offline  
Old 11-29-23, 09:38 AM
  #12  
Originally Posted by indyfabz
I am 5-1/4 floppy disc old.
Man, in my group that would open the door for a good laugh, but it would probably get me banned here so I won't........lol
jadmt is offline  
Old 11-29-23, 09:54 AM
  #13  
Floppy disc? Meh. Real men wrote their COBOL code and JCL on coding sheets and sent them to the key punch operators to make 80 column punch cards. Sure, it took a week or more to get a clean compile for a program but I never saw any of that code hacked.
__________________
Don
GeezyRider is offline  
Old 11-29-23, 10:55 AM
  #14  
Originally Posted by GeezyRider
Floppy disc? Meh. Real men wrote their COBOL code and JCL on coding sheets and sent them to the key punch operators to make 80 column punch cards. Sure, it took a week or more to get a clean compile for a program but I never saw any of that code hacked.
There weren't any networks back then, were there? I remember a summer job at a bank; we had to pick up the phone and call downtown to find out if a check was good, because that's where the computer was.
pdlamb is offline  
Old 11-29-23, 11:14 AM
  #15  
Originally Posted by GeezyRider
Floppy disc? Meh. Real men wrote their COBOL code and JCL on coding sheets and sent them to the key punch operators to make 80 column punch cards. Sure, it took a week or more to get a clean compile for a program but I never saw any of that code hacked.
COBOL? Please.

Men with the right stuff wrote exclusively in FORTRAN IV. And of course we never touched a keypunch machine, as keypunch operator was an hourly (union) job.
__________________
Ride, Rest, Repeat. ROUVY: terrymorse


terrymorse is offline  
Old 11-29-23, 11:22 AM
  #16  
The only programming I've ever done was on punch cards in college. You'd have a pretty large box for what would now be an incredibly simple program. I never got beyond the incredibly simple.
jon c. is offline  
Old 11-29-23, 11:33 AM
  #17  
IBM made a very nice punchcard work desk, like 3rd generation. You'd type a few things for a line and whoosh, the card moved to the back of the stack and a new one loaded. Thoroughly modern Millie. Debugging was a bee-atch.
blacknbluebikes is offline  
Old 11-29-23, 12:13 PM
  #18  
Originally Posted by terrymorse
COBOL? Please.
Immensely popular business transaction language and, oddly enough, is probably still used.
SurferRosa is offline  
Old 11-29-23, 12:19 PM
  #19  
Originally Posted by pdlamb
There weren't any networks back then, were there? I remember a summer job at a bank; we had to pick up the phone and call downtown to find out if a check was good, because that's where the computer was.
Remember those print-outs of bad credit card numbers that came out every week or so, so you could check that a customer's credit card was valid?
JohnDThompson is offline  
Old 11-29-23, 12:23 PM
  #20  
Originally Posted by jon c.
The only programming I've ever done was on punch cards in college. You'd have a pretty large box for what would now be an incredibly simple program. I never got beyond the incredibly simple.
Same here. Write out the program in a notebook in your dorm room, go to the computer center to see if a keypunch was free, if so, transcribe your program onto the punch cards. Then place the stack of cards in the job queue to be run overnight when the computer wasn't doing more important things like processing payroll. Come back the next day for the greenbar output with all your errors flagged. Go back to dorm room and try again.
JohnDThompson is offline  
Old 11-29-23, 12:24 PM
  #21  
Originally Posted by tomato coupe
I read the hacker was a retro grouch that demanded that Shimano go back to 6-spd, rim brake setups with no carbon parts. Apparently the ransomware was hidden in a Lotus 1-2-3 file uploaded from a 5-1/4 inch floppy disc.
I don't care what the evidence shows, IT WAS NOT ME! Hold that thought for a moment, I've got a call coming in on my Nokia flip phone.
skidder is offline  
Old 11-29-23, 01:14 PM
  #22  
Originally Posted by terrymorse
COBOL? Please.

Men with the right stuff wrote exclusively in FORTRAN IV. And of course we never touched a keypunch machine, as keypunch operator was an hourly (union) job.
Youngster.

Here's how we did it in my day.

indyfabz is offline  
Old 11-29-23, 01:22 PM
  #23  
Originally Posted by pdlamb
There weren't any networks back then, were there? I remember a summer job at a bank; we had to pick up the phone and call downtown to find out if a check was good, because that's where the computer was.
In the early days of computers in banks, an enterprising programmer once collected dozens of deposit slips from the lobbies of branches of a local bank, printed an account number on them, and returned them to the bank lobbies. Two days later, he closed the account and walked off with a lot of cash. (Or so the story went, anyway.)
Trakhak is offline  
Old 11-29-23, 01:22 PM
  #24  
If you look at the front of the IBM building near Baltimore's Inner Harbor, you will see that it was designed to resemble a punch card.
__________________
Don
GeezyRider is offline  
Old 11-29-23, 01:27 PM
  #25  
Since the topic has gone full nerd, I was stuck on getting some code to work and yeah, ChatGPT spat the correct syntax in a couple of seconds. The sand is shifting underfoot and if I was still in the game I'd probably be in AI based customer support.
BTinNYC is offline  
